CVE-2025-68746

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> spi: tegra210-quad: Fix timeout handling<br /> <br /> When the CPU that the QSPI interrupt handler runs on (typically CPU 0)<br /> is excessively busy, it can lead to rare cases of the IRQ thread not<br /> running before the transfer timeout is reached.<br /> <br /> While handling the timeouts, any pending transfers are cleaned up and<br /> the message that they correspond to is marked as failed, which leaves<br /> the curr_xfer field pointing at stale memory.<br /> <br /> To avoid this, clear curr_xfer to NULL upon timeout and check for this<br /> condition when the IRQ thread is finally run.<br /> <br /> While at it, also make sure to clear interrupts on failure so that new<br /> interrupts can be run.<br /> <br /> A better, more involved, fix would move the interrupt clearing into a<br /> hard IRQ handler. Ideally we would also want to signal that the IRQ<br /> thread no longer needs to be run after the timeout is hit to avoid the<br /> extra check for a valid transfer.