CVE-2026-46074

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified) openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1

Description A memory leak and use-after-free issue exists in the spi: ch341 driver. The problem occurs during probe failures when the controller is not properly deregistered, pins are not disabled, and the RX URB (USB Request Block, a data structure used to describe a USB transfer) is not killed and freed. This lack of symmetry with the disconnect process leads to the resource leaks.

Recommendations Update to kernel-devel-7.0.11-1.1 for openSUSE Tumbleweed. At the moment, there is no information about a newer version that contains a fix for this vulnerability for the Linux kernel.