CVE-2025-68352
CVE-2025-68352: In the Linux kernel, spi/ch341: the function ch341_transfer_one incorrectly copies data using len = min(32, trans->len + 1), which includes the 1-byte command header. This can cause an out-of-bounds read from trans->tx_buf (size trans->len) and, if len equals CH341_PACKET...