CVE-2025-40005

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> spi: cadence-quadspi: Implement refcount to handle unbind during busy<br /> <br /> driver support indirect read and indirect write operation with<br /> assumption no force device removal(unbind) operation. However<br /> force device removal(removal) is still available to root superuser.<br /> <br /> Unbinding driver during operation causes kernel crash. This changes<br /> ensure driver able to handle such operation for indirect read and<br /> indirect write by implementing refcount to track attached devices<br /> to the controller and gracefully wait and until attached devices<br /> remove operation completed before proceed with removal operation.