In the Linux kernel, the following vulnerability has been resolved:
spi: s3c64xx: fix NULL-deref on driver unbind
A change moving DMA channel allocation from probe() back to s3c64xxspiprepare_transfer() failed to remove the corresponding deallocation from remove().
Drop the bogus DMA channel release from remove() to avoid triggering a NULL-pointer dereference on driver unbind.
This issue was flagged by Sashiko when reviewing a controller deregistration fix.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46296.json",
"cna_assigner": "Linux"
}