Write Bug in Linux Kernel Affects Xilinx Versal Processors
CVE-2025-21845

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 March 2025

Summary

A bug in the Linux kernel related to the mtd: spi-nor subsystem can lead to issues during write operations on Xilinx Versal processors. The malfunction occurs in the 'sst_nor_write_data()' function, where only a single byte of data is written, regardless of the amount specified. This can cause system crashes and data corruption due to incomplete writes. Proper handling of write sizes is essential to maintain system stability and integrity.

Affected Version(s)

Linux 18bcb4aa54eab75dce41e5c176a1c2bff94f0f79

Linux 18bcb4aa54eab75dce41e5c176a1c2bff94f0f79 < 9553391f32f8c43e12fc7c04e1035160b5ea20bf

Linux 18bcb4aa54eab75dce41e5c176a1c2bff94f0f79 < 539bd20352832b9244238a055eb169ccf1c41ff6

References

https://git.kernel.org/stable/c/bb1accc7e0f688886f0c634f2...

https://git.kernel.org/stable/c/9553391f32f8c43e12fc7c04e...

https://git.kernel.org/stable/c/539bd20352832b9244238a055...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 12, 2025
Vulnerability Reserved
Dec 29, 2024