Out-of-bounds Array Access in Cadence SPI Driver of Linux Kernel
CVE-2025-22067

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 April 2025

What is CVE-2025-22067?

The Cadence SPI driver in the Linux kernel contained a vulnerability that allowed for out-of-bounds array access during clock setup. Specifically, when the requested clock exceeded a certain threshold, the function cdns_mrvl_xspi_setup_clock() failed to adequately handle the iteration, potentially causing the index to exceed the bounds of the array. This flaw was resolved by implementing a check to stop iteration at the last valid entry and enforcing a minimum clock frequency, which addresses potential system instability and prevents related warnings from the UBSAN tool.

Affected Version(s)

Linux 26d34fdc49712ddbd42b11102f5d9d78a0f42097

Linux 26d34fdc49712ddbd42b11102f5d9d78a0f42097 < 645f1813fe0dc96381c36b834131e643b798fd73

References

https://git.kernel.org/stable/c/e50781bf7accc75883cb8a6a9...

https://git.kernel.org/stable/c/c1fb84e274cb6a2bce6ba5e65...

https://git.kernel.org/stable/c/645f1813fe0dc96381c36b834...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2025