CVE-2025-40005
BaseFortify
Publication date: 2025-10-20
Last updated on: 2026-03-25
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | From 5.9 (inc) to 6.6.125 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.16.10 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's cadence-quadspi driver, where the driver did not properly handle forced device removal (unbind) during indirect read and write operations. The driver assumed no forced removal would happen, but since root users can force device removal, unbinding the driver during operation could cause a kernel crash. The fix implements a reference count to track attached devices and ensures the driver waits for ongoing operations to complete before allowing removal, preventing crashes.
How can this vulnerability impact me? :
If exploited, this vulnerability can cause the Linux kernel to crash when a device is forcibly removed during ongoing indirect read or write operations. This can lead to system instability, potential data loss, and denial of service, especially on systems relying on the cadence-quadspi driver for device communication.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version that includes the fix implementing refcount handling in the cadence-quadspi driver. Avoid force device removal (unbind) operations on the affected driver during indirect read and write operations until the update is applied.