In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new ->read() calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while the device is being removed. Drop the early return to ensure sysfs entries are removed and ->hwrng.priv is freed, preventing a memory leak.

A flaw was found in the Linux kernel, specifically within the `atmel-sha204a` cryptographic hardware random number generator (hwrng) driver. During the device removal process, a race condition can occur where a queued callback might execute while the device is being torn down. This can lead to a Use-After-Free (UAF) vulnerability, potentially allowing an attacker to execute arbitrary code or cause a denial of service. Additionally, an issue with early returns in the removal path could prevent proper freeing of resources, resulting in a memory leak.

Red Hat Enterprise Linux 10 Fix deferred kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Not affected kernel Red Hat Enterprise Linux 8 Not affected kernel-rt Red Hat Enterprise Linux 9 Not affected kernel Red Hat Enterprise Linux 9 Not affected kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-46075 https://nvd.nist.gov/vuln/detail/CVE-2026-46075 https://lore.kernel.org/linux-cve-announce/2026052759-CVE-2026-46075-8a6c@gregkh/T