CVE-2026-46308

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free issue exists in the scpsys get bus protection legacy() function. The of find node with property() function returns a device node with an incremented reference count, but of node put(node) is called before verifying if syscon regmap lookup by phandle() returns an error. If an error occurs, dev err probe() attempts to dereference the node pointer to print diagnostic information; however, the node memory may have already been freed, leading to the use-after-free condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.