30 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: Ensure that the TX and RX FIFOs are empty at the start of a transfer. When transmitting with rxlen == 0, the RX FIFO will not be emptied in the interrupt handler. As a result, the next transfer might read dat...
Linux Distros Unpatched Vulnerability : CVE-2026-46192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself...
Linux Distros Unpatched Vulnerability : CVE-2026-46148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: microchip-core-qspi: control built-in cs manually The coreQSPI IP supports only a single chip select, which is automagically operated by the hardware - set...
CVE-2026-46148
A flaw was found in the Linux kernel's microchip-core-qspi driver. When multiple devices are connected to the QSPI controller, the built-in chip select CS was automatically set to an active state even when Linux attempted to access a device using a General Purpose Input/Output GPIO pin for its ch...
CVE-2026-46192
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...
CVE-2026-46192
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...
CVE-2026-46192 spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...
CVE-2026-46148
CVE-2026-46148 concerns the Linux kernel’s microchip-core-qspi driver where the built-in chip select could be driven active when multiple devices share the QSPI controller, potentially conflicting with GPIO-based CS. The provided records confirm a concrete fix: the driver now controls chip select...
CVE-2026-46148
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: control built-in cs manually The coreQSPI IP supports only a single chip select, which is automagically operated by the hardware - set low when the transmit buffer first gets written to and set high when...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the spi microchip-core-qspi driver attempting to transmit junk data when simulating read-only...
PT-2026-44315
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the microchip-core-qspi component of the SPI subsystem. The driver incorrectly attempts to transmit garba...
EUVD-2025-31830
File upload leading to remote code execution RCE in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetailimg'...
UBUNTU-CVE-2025-39921
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: stop checking viability of op-maxfreq in supportsop callback In commit 13529647743d9 "spi: microchip-core-qspi: Support per spi-mem operation frequency switches" the logic for checking the viability of...
CVE-2025-39921
The CVE affects the Linux kernel driver spi-microchip-core-qspi. During probe, op->max_freq is not valid (zero) in the supports_op callback, causing baud_rate_val to be INT_MAX and risking probe failure of the attached memory device. The root cause is that the per-op frequency switch logic add...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the op-maxfreq parameter not being properly validated in the spi-microchip-core-qspi driver, which could lea...
PT-2025-40095
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s spi subsystem, specifically within the microchip-core-qspi driver. A logic error introduced during a modification to the supports op callback function...
The vulnerability of the microchip-core component of the Linux operating system’s kernel, which allows a hacker to cause a service failure
The vulnerability of the microchip-core component of the Linux operating system’s kernel is related to the copying of buffers without checking the input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Linux Distros Unpatched Vulnerability : CVE-2024-42279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the...
CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
SUSE CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...