Out-of-bounds Array Access in Cadence SPI Driver of Linux Kernel
CVE-2025-22067
What is CVE-2025-22067?
The Cadence SPI driver in the Linux kernel contained a vulnerability that allowed for out-of-bounds array access during clock setup. Specifically, when the requested clock exceeded a certain threshold, the function cdns_mrvl_xspi_setup_clock() failed to adequately handle the iteration, potentially causing the index to exceed the bounds of the array. This flaw was resolved by implementing a check to stop iteration at the last valid entry and enforcing a minimum clock frequency, which addresses potential system instability and prevents related warnings from the UBSAN tool.
Affected Version(s)
Linux 26d34fdc49712ddbd42b11102f5d9d78a0f42097
Linux 26d34fdc49712ddbd42b11102f5d9d78a0f42097
Linux 26d34fdc49712ddbd42b11102f5d9d78a0f42097 < 645f1813fe0dc96381c36b834131e643b798fd73