CVE-2025-39921
The CVE affects the Linux kernel driver spi-microchip-core-qspi. During probe, op->max_freq is not valid (zero) in the supports_op callback, causing baud_rate_val to be INT_MAX and risking probe failure of the attached memory device. The root cause is that the per-op frequency switch logic add...