CVE-2025-40005
Modified Modified - Updated After Analysis

BaseFortify

Vulnerability report for CVE-2025-40005, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-20

Last updated on: 2026-06-01

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Implement refcount to handle unbind during busy driver support indirect read and indirect write operation with assumption no force device removal(unbind) operation. However force device removal(removal) is still available to root superuser. Unbinding driver during operation causes kernel crash. This changes ensure driver able to handle such operation for indirect read and indirect write by implementing refcount to track attached devices to the controller and gracefully wait and until attached devices remove operation completed before proceed with removal operation.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-20
Last Modified
2026-06-01
Generated
2026-07-06
AI Q&A
2025-10-20
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 6 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.17
linux linux_kernel 6.17
linux linux_kernel 6.17
linux linux_kernel 6.17
linux linux_kernel From 5.9 (inc) to 6.6.125 (exc)
linux linux_kernel From 6.7 (inc) to 6.16.10 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's cadence-quadspi driver, where the driver did not properly handle forced device removal (unbind) during indirect read and write operations. The driver assumed no forced removal would happen, but since root users can force device removal, unbinding the driver during operation could cause a kernel crash. The fix implements a reference count to track attached devices and ensures the driver waits for ongoing operations to complete before allowing removal, preventing crashes.

Impact Analysis

If exploited, this vulnerability can cause the Linux kernel to crash when a device is forcibly removed during ongoing indirect read or write operations. This can lead to system instability, potential data loss, and denial of service, especially on systems relying on the cadence-quadspi driver for device communication.

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix implementing refcount handling in the cadence-quadspi driver. Avoid force device removal (unbind) operations on the affected driver during indirect read and write operations until the update is applied.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-40005. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart