16 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the writecache and updatecache operation variants have zero...
CVE-2025-68773
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826bce "spi: fsl-cpm: Use 16 bit mode for large transfers with even size" failed to make sure that the size is really even before switching to 16 bit...
AZL-74414 CVE-2025-68773 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826bce "spi: fsl-cpm: Use 16 bit mode for large transfers with even size" failed to make sure that the size is really even before switching to 16 bit...
CVE-2025-68773
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826bce "spi: fsl-cpm: Use 16 bit mode for large transfers with even size" failed to make sure that the size is really even before switching to 16 bit...
CVE-2025-68773 spi: fsl-cpm: Check length parity before switching to 16 bit mode
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826bce "spi: fsl-cpm: Use 16 bit mode for large transfers with even size" failed to make sure that the size is really even before switching to 16 bit...
CVE-2025-40356
In the Linux kernel, CVE-2025-40356 relates to the rockchip-sfc SPI driver. The vulnerability was addressed by replacing a DMA-API usage pattern that retrieved DMA addresses via virt_to_phys() with a proper dma_map_single() call, preventing the driver from syncing DMA memory it did not allocate. ...
SUSE CVE-2025-37896
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the writecache and updatecache operation variants have zero...
CVE-2025-37896
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the writecache and updatecache operation variants have zero...
UBUNTU-CVE-2025-37896
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the writecache and updatecache operation variants have zero...
CVE-2025-37896
CVE-2025-37896 addresses a divide-by-zero in spi-mem duration calculation (spi_mem_calc_op_duration) when dummy bytes are zero in certain SPI flash operations (e.g., Winbond SPINAND write_cache/update_cache). The fix skips the ncylcles calculation when dummy bytes are zero, preventing the divide ...
PT-2025-22158 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A divide error issue has been identified in the Linux kernel related to SPI flash memory operations. Specifically, when calculating the duration for SPI memory operations with zero dum...
DEBIAN-CVE-2024-53046
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error: 1.119072 ------------ cut...
SUSE CVE-2023-52708
In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fix error handling in mmcspiprobe If mmcaddhost fails, it doesn't need to call mmcremovehost, or it will cause null-ptr-deref, because of deleting a not added device in mmcremovehost. To fix this, goto label...
UBUNTU-CVE-2024-26806
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
CVE-2022-32295
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component...
GIGABYTE BRIX Mini PCs suffer from a flawed firmware protection mechanism vulnerability
GIGABYTE is a professional motherboard manufacturer in Taiwan, GB-BSi7H-6500 and GB-BXi7-5775 are the BRIX series of mini PCs. UEFI, or Unified Extensible Firmware Interface, is a standard that describes a detailed type of interface. This interface is used to automatically load the operating syst...