CVE-2026-46246
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 03/06/2026
Last modified: 03/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:

power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler

Using the `devm_` variant for requesting IRQ _before_ the `devm_`
variant for allocating/registering the `extcon` handle, means that the
`extcon` handle will be deallocated/unregistered _before_ the interrupt
handler (since `devm_` naturally deallocates in reverse allocation
order). This means that during removal, there is a race condition where
an interrupt can fire just _after_ the `extcon` handle has been
freed, *but* just _before_ the corresponding unregistration of the IRQ
handler has run.

This will lead to the IRQ handler calling `extcon_set_state_sync()` with
a freed `extcon` handle. Which usually crashes the system or otherwise
silently corrupts the memory...

Fix this racy use-after-free by making sure the IRQ is requested _after_
the registration of the `extcon` handle.
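
The teardown ordering described above, modelled in userspace C as an added example (not code from the kernel or from the pm8916_lbc driver). The `model_devm_*` helpers, `struct chg` and `probe_and_remove()` are hypothetical stand-ins that only record the reverse-order release that `devm_` performs, and count the teardown steps during which the IRQ handler is still armed while the `extcon` handle is already gone.

```c
#include <stdio.h>

/* Userspace model of devres: release callbacks run in reverse
 * registration order (LIFO) when the device is removed. */
#define MAX_RES 8
typedef void (*release_fn)(void *ctx);
struct devres { release_fn fn; void *ctx; };
struct device { struct devres stack[MAX_RES]; int n; };

struct chg {             /* hypothetical driver state, not the real driver's */
    int extcon_live;     /* 1 while the extcon handle is still valid */
    int irq_live;        /* 1 while the IRQ handler can still be invoked */
    int uaf_windows;     /* steps where an IRQ would touch a freed extcon */
};

static void devm_add(struct device *d, release_fn fn, void *ctx) {
    d->stack[d->n].fn = fn;
    d->stack[d->n].ctx = ctx;
    d->n++;
}
static void release_extcon(void *c) { ((struct chg *)c)->extcon_live = 0; }
static void release_irq(void *c)    { ((struct chg *)c)->irq_live = 0; }

static void model_devm_extcon_register(struct device *d, struct chg *c) {
    c->extcon_live = 1;
    devm_add(d, release_extcon, c);
}
static void model_devm_request_irq(struct device *d, struct chg *c) {
    c->irq_live = 1;
    devm_add(d, release_irq, c);
}

/* Unwind as on driver removal; after each release, check whether the
 * handler could still fire against an already released extcon handle. */
static int device_remove(struct device *d, struct chg *c) {
    while (d->n > 0) {
        d->n--;
        d->stack[d->n].fn(d->stack[d->n].ctx);
        if (c->irq_live && !c->extcon_live)
            c->uaf_windows++;
    }
    return c->uaf_windows;
}

/* irq_first = 1 models the vulnerable probe order, 0 the fixed order. */
int probe_and_remove(int irq_first) {
    struct device d = {0};
    struct chg c = {0};
    if (irq_first) { model_devm_request_irq(&d, &c); model_devm_extcon_register(&d, &c); }
    else           { model_devm_extcon_register(&d, &c); model_devm_request_irq(&d, &c); }
    return device_remove(&d, &c);
}

int main(void) {
    printf("IRQ requested first:     %d race window(s)\n", probe_and_remove(1));
    printf("extcon registered first: %d race window(s)\n", probe_and_remove(0));
    return 0;
}
```

The same check applies when reviewing any probe function: every resource an interrupt handler dereferences should be registered with `devm_` before the IRQ is requested, so that it is released after the handler is gone.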



