Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-46308

Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
08/06/2026
Última modificación:
08/06/2026

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> pmdomain: mediatek: fix use-after-free in scpsys_get_bus_protection_legacy()<br /> <br /> In scpsys_get_bus_protection_legacy(), of_find_node_with_property()<br /> returns a device node with its reference count incremented. The function<br /> then calls of_node_put(node) before checking whether<br /> syscon_regmap_lookup_by_phandle() returns an error. If an error occurs,<br /> dev_err_probe() dereferences the node pointer to print diagnostic<br /> information, but the node memory may have already been freed due to the<br /> earlier of_node_put(), leading to a use-after-free vulnerability.<br /> <br /> Fix this by moving the of_node_put() call after the error check, ensuring<br /> the node is still valid when accessed in the error path.

Impacto