59 matches found
CVE-2025-37842
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: use devm function instead of driver remove Driver use devm APIs to manage clk/irq/resources and register the spi controller, but the legacy remove function will be called first during device detach and trigger kern...
UBUNTU-CVE-2025-37842
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: use devm function instead of driver remove Driver use devm APIs to manage clk/irq/resources and register the spi controller, but the legacy remove function will be called first during device detach and trigger kern...
CVE-2025-37842
CVE-2025-37842 affects the Linux kernel and is resolved by upgrading to kernel versions >= 6.6.112.1-2 (as noted by Mariner/Astra/SUSE advisories). Technical details from connected docs indicate the issue arises in the spi/fsl-qspi driver cleanup path: the driver previously used a legacy remov...
CVE-2021-47469
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2021-47469
This CVE-2021-47469 entry is rejected and does not represent an active vulnerability entry.
CVE-2024-26866 spi: lpspi: Avoid potential use-after-free in probe()
In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...
UBUNTU-CVE-2021-47195
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the addlock mutex Commit 6098475d4cb4 "spi: Fix deadlock when adding SPI controllers on SPI buses" introduced a per-controller mutex. But mutexunlock of said lock is called after the controller is alrea...
CVE-2024-26806
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
UBUNTU-CVE-2024-26806
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
CVE-2024-26807 spi: cadence-qspi: fix pointer reference in runtime PM hooks
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...
CVE-2024-26807 spi: cadence-qspi: fix pointer reference in runtime PM hooks
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...
CVE-2024-26807
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...
CVE-2024-26807
CVE-2024-26807 is a Linux kernel issue in the cadence-quadspi driver where the runtime suspend/resume paths incorrectly retrieve a spi_controller pointer via dev_get_drvdata, potentially using a cqspi_st instead of a spi_controller. This mismatch can cause memory corruption and kernel crashes dur...
CVE-2024-26806
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
SUSE CVE-2021-46959
In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devmspialloc We can't rely on the contents of the devres list during spiunregistercontroller, as the list is already torn down at the time we perform devresfind for devmspireleasecontroller. This caus...
UBUNTU-CVE-2021-46959
In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devmspialloc We can't rely on the contents of the devres list during spiunregistercontroller, as the list is already torn down at the time we perform devresfind for devmspireleasecontroller. This caus...
CVE-2021-47047
In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dmamapsingle fails The spi controller supports 44-bit address space on AXI in DMA mode, so set dmaaddrt width to 44-bit to avoid using a swiotlb mapping. In addition, if dmamapsingle fails...
CVE-2021-47047 spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails
In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dmamapsingle fails The spi controller supports 44-bit address space on AXI in DMA mode, so set dmaaddrt width to 44-bit to avoid using a swiotlb mapping. In addition, if dmamapsingle fails...
PT-2025-26116 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the simplification of devm spi register controller. The issue arises when devm add action fails in devm add action or...