CVE-2025-37896

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/05/2025
Last modified:
21/05/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> spi: spi-mem: Add fix to avoid divide error<br /> <br /> For some SPI flash memory operations, dummy bytes are not mandatory. For<br /> example, in Winbond SPINAND flash memory devices, the `write_cache` and<br /> `update_cache` operation variants have zero dummy bytes. Calculating the<br /> duration for SPI memory operations with zero dummy bytes causes<br /> a divide error when `ncycles` is calculated in the<br /> spi_mem_calc_op_duration().<br /> <br /> Add changes to skip the &amp;#39;ncylcles&amp;#39; calculation for zero dummy bytes.<br /> <br /> Following divide error is fixed by this change:<br /> <br /> Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI<br /> ...<br /> <br /> ? do_trap+0xdb/0x100<br /> ? do_error_trap+0x75/0xb0<br /> ? spi_mem_calc_op_duration+0x56/0xb0<br /> ? exc_divide_error+0x3b/0x70<br /> ? spi_mem_calc_op_duration+0x56/0xb0<br /> ? asm_exc_divide_error+0x1b/0x20<br /> ? spi_mem_calc_op_duration+0x56/0xb0<br /> ? spinand_select_op_variant+0xee/0x190 [spinand]<br /> spinand_match_and_init+0x13e/0x1a0 [spinand]<br /> spinand_manufacturer_match+0x6e/0xa0 [spinand]<br /> spinand_probe+0x357/0x7f0 [spinand]<br /> ? kernfs_activate+0x87/0xd0<br /> spi_mem_probe+0x7a/0xb0<br /> spi_probe+0x7d/0x130

Impact