CVE-2025-40005 spi: cadence-quadspi: Implement refcount to handle unbind during busy

🗓️ 20 Oct 2025 15:26:52Reported by GoogleType

osv

osv🔗 osv.dev

Cadence QuadSPI driver fix adds refcount to handle unbind during busy and prevent kernel crash.

Reporter	Title	Published	Views	Family All 98
ATTACKERKB	CVE-2025-40005	20 Oct 202515:26	–	attackerkb
CBLMariner	CVE-2025-40005 affecting package kernel for versions less than 6.6.126.1-1	10 Mar 202622:56	–	cbl_mariner
Chainguard	CVE-2025-40005 vulnerabilities	10 Apr 202602:13	–	cgr
Circl	CVE-2025-40005	3 Dec 202514:14	–	circl
CNNVD	Linux kernel 安全漏洞	20 Oct 202500:00	–	cnnvd
CVE	CVE-2025-40005	20 Oct 202515:26	–	cve
Cvelist	CVE-2025-40005 spi: cadence-quadspi: Implement refcount to handle unbind during busy	20 Oct 202515:26	–	cvelist
Debian	[SECURITY] [DLA 4561-1] linux-6.1 security update	2 May 202608:40	–	debian
Debian	[SECURITY] [DSA 6238-1] linux security update	30 Apr 202620:05	–	debian
Debian	[SECURITY] [DSA 6243-1] linux security update	1 May 202619:10	–	debian

Source	Link
git	www.git.kernel.org/stable/c/56787f4a75907ae99b5f5842b756fa68e2482f6d
git	www.git.kernel.org/stable/c/65ed52200080eafce3eead05cf22ce01238defca
git	www.git.kernel.org/stable/c/7446284023e8ef694fb392348185349c773eefb3
git	www.git.kernel.org/stable/c/8df235f768cea7a5829cb02525622646eb0df5f5
git	www.git.kernel.org/stable/c/b7ec8a2b094a33d0464958c2cbf75b8f229098b0
github	www.github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40005.json
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-40005
git	www.git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

02 Apr 2026 12:48Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.15.5

EPSS0.00035

cadence quadspi refcount unbind during busy indirect read indirect write device removal kernel crash linux kernel