CVE-2026-46308

NONE

—CVSS v3

—CVSS v2

— EPSS (exploit probability)

—CWE

Description

In the Linux kernel, the following vulnerability has been resolved:

pmdomain: mediatek: fix use-after-free in scpsys_get_bus_protection_legacy()

In scpsys_get_bus_protection_legacy(), of_find_node_with_property()
returns a device node with its reference count incremented. The function
then calls of_node_put(node) before checking whether
syscon_regmap_lookup_by_phandle() returns an error. If an error occurs,
dev_err_probe() dereferences the node pointer to print diagnostic
information, but the node memory may have already been freed due to the
earlier of_node_put(), leading to a use-after-free vulnerability.

Fix this by moving the of_node_put() call after the error check, ensuring
the node is still valid when accessed in the error path.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE