-
CVE-2025-39921
- EPSS 0.02%
- Published 01.10.2025 08:15:35
- Last modified 02.10.2025 19:12:17
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved:
spi: microchip-core-qspi: stop checking viability of op->max_freq in supports_op callback
In commit 13529647743d9 ("spi: microchip-core-qspi: Support per spi-mem
operation frequency switches") the logic for checking the viability of
op->max_freq in mchp_coreqspi_setup_clock() was copied into
mchp_coreqspi_supports_op(). Unfortunately, op->max_freq is not valid
when this function is called during probe but is instead zero.
Accordingly, baud_rate_val is calculated to be INT_MAX due to division
by zero, causing probe of the attached memory device to fail.
Seemingly spi-microchip-core-qspi was the only driver that had such a
modification made to its supports_op callback when the per_op_freq
capability was added, so just remove it to restore prior functionality.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
ac8a13f35d5b8996582b3f97b924838a5c570c18
Version
13529647743d906ed3cf991f1d77727e7ff1fb6f
Status
affected
Version <
89e7353f522f5cf70cb48c01ce2dcdcb275b8022
Version
13529647743d906ed3cf991f1d77727e7ff1fb6f
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
6.14
Status
affected
Version <
6.14
Version
0
Status
unaffected
Version <=
6.16.*
Version
6.16.6
Status
unaffected
Version <=
*
Version
6.17
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.052 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|