CVE-2025-22067

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-22067
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22067.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-22067
Downstream
Published
2025-04-16T15:16:00Z
Modified
2025-08-09T20:01:27Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock()

If requested_clk > 128, cdns_mrvl_xspi_setup_clock() iterates over the entire cdns_mrvl_xspi_clk_div_list array without breaking out early, causing 'i' to go beyond the array bounds.

Fix that by stopping the loop when it gets to the last entry, clamping the clock to the minimum 6.25 MHz.

Fixes the following warning with an UBSAN kernel:

vmlinux.o: warning: objtool: cdns_mrvl_xspi_setup_clock: unexpected end of section .text.cdns_mrvl_xspi_setup_clock

References

Affected packages