Linux Kernel Vulnerability in spi-nor Commands by Vendor Linux
CVE-2025-21793

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A division by zero vulnerability in the Linux kernel has been identified in the spi-nor commands, particularly when the dummy cycle parameter is absent. In situations where both dummy bus cycle bytes and width are zero, this leads to potential CPU warnings. To address this issue, the kernel has been updated to return zero without executing any problematic calculations, effectively mitigating this division error risk.

Affected Version(s)

Linux 1b74dd64c8612619e399e5a31da79a3636914495 < 966328191b4c389c0f2159fa242915f51cbc1679

Linux 1b74dd64c8612619e399e5a31da79a3636914495 < 4df6f005bef04a3dd16c028124a1b5684db3922b

Linux 1b74dd64c8612619e399e5a31da79a3636914495 < 7434135553bc03809a55803ee6a8dcaae6240d55

References

https://git.kernel.org/stable/c/966328191b4c389c0f2159fa2...

https://git.kernel.org/stable/c/4df6f005bef04a3dd16c02812...

https://git.kernel.org/stable/c/7434135553bc03809a55803ee...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024