CVE-2025-22067 spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock()

In the Linux kernel, the following vulnerability has been resolved: spi: cadence: Fix out-of-bounds array access in cdnsmrvlxspisetupclock If requestedclk 128, cdnsmrvlxspisetupclock iterates over the entire cdnsmrvlxspiclkdivlist array without breaking out early, causing 'i' to go beyond the arr...

PT-2025-16707 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically an out-of-bounds array access in the cdns mrvl xspi setup clock function. This issue occurs when requested clk is...