CVE-2025-38573
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
spi: cs42l43: Property entry should be a null-terminated array
The software node does not specify a count of property entries, so the array must be null-terminated.
When unterminated, this can lead to a fault in the downstream cs35l56 amplifier driver, because the node parse walks off the end of the array into unknown memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 0ca645ab5b1528666f6662a0e620140355b5aea3 < 674328102baad76c7a06628efc01974ece5ae27f | affected |
| Linux | Linux | 0ca645ab5b1528666f6662a0e620140355b5aea3 < 9f0035ae38d2571f5ddedc829d74492013caa625 | affected |
| Linux | Linux | 0ca645ab5b1528666f6662a0e620140355b5aea3 < 139b5df757a0aa436f763b0038e0b73808d2f4b6 | affected |
| Linux | Linux | 0ca645ab5b1528666f6662a0e620140355b5aea3 < ffcfd071eec7973e58c4ffff7da4cb0e9ca7b667 | affected |
| Linux | Linux | 6.11 | affected |
| Linux | Linux | 0 < 6.11 | unaffected |
| Linux | Linux | 6.12.42 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.10 <= 6.15.* | unaffected |
| Linux | Linux | 6.16.1 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/674328102baad76c7a06628efc01974ece5ae27f
- https://git.kernel.org/stable/c/9f0035ae38d2571f5ddedc829d74492013caa625
- https://git.kernel.org/stable/c/139b5df757a0aa436f763b0038e0b73808d2f4b6
- https://git.kernel.org/stable/c/ffcfd071eec7973e58c4ffff7da4cb0e9ca7b667
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.