CVE-2026-23068

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> spi: spi-sprd-adi: Fix double free in probe error path<br /> <br /> The driver currently uses spi_alloc_host() to allocate the controller<br /> but registers it using devm_spi_register_controller().<br /> <br /> If devm_register_restart_handler() fails, the code jumps to the<br /> put_ctlr label and calls spi_controller_put(). However, since the<br /> controller was registered via a devm function, the device core will<br /> automatically call spi_controller_put() again when the probe fails.<br /> This results in a double-free of the spi_controller structure.<br /> <br /> Fix this by switching to devm_spi_alloc_host() and removing the<br /> manual spi_controller_put() call.