PT-2026-44326 · Linux+1 · Linux Kernel+1

Published

2026-05-28

·

Updated

2026-06-19

·

CVE-2026-46203

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified) openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1
Description A flaw exists in the cadence-quadspi SPI driver where an unclocked register access can occur during driver unbind. This happens because the controller is not runtime resumed before being disabled.
Recommendations Update to kernel-devel-7.0.11-1.1 for openSUSE Tumbleweed. At the moment, there is no information about a newer version that contains a fix for this vulnerability for the Linux kernel.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-46203
OPENSUSE-SU-2026:10954-1

Affected Products

Linux Kernel
Opensuse Tumbleweed