CVE-2026-46103

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> can: ucan: fix devres lifetime<br /> <br /> USB drivers bind to USB interfaces and any device managed resources<br /> should have their lifetime tied to the interface rather than parent USB<br /> device. This avoids issues like memory leaks when drivers are unbound<br /> without their devices being physically disconnected (e.g. on probe<br /> deferral or configuration changes).<br /> <br /> Fix the control message buffer lifetime so that it is released on driver<br /> unbind.