In the Linux kernel, the following vulnerability has been resolved:
Input: edt-ft5x06 - fix use-after-free in debugfs teardown
The commit 68743c500c6e ("Input: edt-ft5x06 - use per-client debugfs directory") removed the manual debugfs teardown, relying on the I2C core to handle it. However, this creates a window where debugfs files are still accessible after edtft5x06tsteardowndebugfs() frees tsdata->raw_buffer.
To prevent a use-after-free, protect the freeing of rawbuffer with the device mutex and set rawbuffer to NULL. The debugfs read function already checks if raw_buffer is NULL under the same mutex, so this safely avoids the use-after-free.
{
"cna_assigner": "Linux",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46097.json"
}