Out-of-bounds Array Access in Cadence SPI Driver of Linux Kernel
CVE-2025-22067

7.8HIGH

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
16 April 2025

What is CVE-2025-22067?

The Cadence SPI driver in the Linux kernel contained a vulnerability that allowed for out-of-bounds array access during clock setup. Specifically, when the requested clock exceeded a certain threshold, the function cdns_mrvl_xspi_setup_clock() failed to adequately handle the iteration, potentially causing the index to exceed the bounds of the array. This flaw was resolved by implementing a check to stop iteration at the last valid entry and enforcing a minimum clock frequency, which addresses potential system instability and prevents related warnings from the UBSAN tool.

Affected Version(s)

Linux 26d34fdc49712ddbd42b11102f5d9d78a0f42097

Linux 26d34fdc49712ddbd42b11102f5d9d78a0f42097

Linux 26d34fdc49712ddbd42b11102f5d9d78a0f42097 < 645f1813fe0dc96381c36b834131e643b798fd73

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2025-22067 : Out-of-bounds Array Access in Cadence SPI Driver of Linux Kernel