CVE-2025-21793

Summary

In the Linux kernel, the following vulnerability has been resolved:

spi: sn-f-ospi: Fix division by zero

When there is no dummy cycle in the spi-nor commands, both dummy bus cycle bytes and width are zero. Because of the cpu's warning when divided by zero, the warning should be avoided. Return just zero to avoid such calculations.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1b74dd64c8612619e399e5a31da79a3636914495 < 966328191b4c389c0f2159fa242915f51cbc1679affected
LinuxLinux1b74dd64c8612619e399e5a31da79a3636914495 < 4df6f005bef04a3dd16c028124a1b5684db3922baffected
LinuxLinux1b74dd64c8612619e399e5a31da79a3636914495 < 7434135553bc03809a55803ee6a8dcaae6240d55affected
LinuxLinux1b74dd64c8612619e399e5a31da79a3636914495 < 3588b1c0fde2f58d166e3f94a5a58d64b893526caffected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.6.79 <= 6.6.*unaffected
LinuxLinux6.12.16 <= 6.12.*unaffected
LinuxLinux6.13.4 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References