ghsa-8g7v-9g36-5jm6
Vulnerability from github
Published
2025-05-20 18:30
Modified
2025-05-20 18:30
Details

In the Linux kernel, the following vulnerability has been resolved:

spi: spi-mem: Add fix to avoid divide error

For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the write_cache and update_cache operation variants have zero dummy bytes. Calculating the duration for SPI memory operations with zero dummy bytes causes a divide error when ncycles is calculated in the spi_mem_calc_op_duration().

Add changes to skip the 'ncylcles' calculation for zero dummy bytes.

Following divide error is fixed by this change:

Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI ...

? do_trap+0xdb/0x100 ? do_error_trap+0x75/0xb0 ? spi_mem_calc_op_duration+0x56/0xb0 ? exc_divide_error+0x3b/0x70 ? spi_mem_calc_op_duration+0x56/0xb0 ? asm_exc_divide_error+0x1b/0x20 ? spi_mem_calc_op_duration+0x56/0xb0 ? spinand_select_op_variant+0xee/0x190 [spinand] spinand_match_and_init+0x13e/0x1a0 [spinand] spinand_manufacturer_match+0x6e/0xa0 [spinand] spinand_probe+0x357/0x7f0 [spinand] ? kernfs_activate+0x87/0xd0 spi_mem_probe+0x7a/0xb0 spi_probe+0x7d/0x130

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2025-37896"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-20T16:15:25Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-mem: Add fix to avoid divide error\n\nFor some SPI flash memory operations, dummy bytes are not mandatory. For\nexample, in Winbond SPINAND flash memory devices, the `write_cache` and\n`update_cache` operation variants have zero dummy bytes. Calculating the\nduration for SPI memory operations with zero dummy bytes causes\na divide error when `ncycles` is calculated in the\nspi_mem_calc_op_duration().\n\nAdd changes to skip the \u0027ncylcles\u0027 calculation for zero dummy bytes.\n\nFollowing divide error is fixed by this change:\n\n Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n...\n\n  ? do_trap+0xdb/0x100\n  ? do_error_trap+0x75/0xb0\n  ? spi_mem_calc_op_duration+0x56/0xb0\n  ? exc_divide_error+0x3b/0x70\n  ? spi_mem_calc_op_duration+0x56/0xb0\n  ? asm_exc_divide_error+0x1b/0x20\n  ? spi_mem_calc_op_duration+0x56/0xb0\n  ? spinand_select_op_variant+0xee/0x190 [spinand]\n  spinand_match_and_init+0x13e/0x1a0 [spinand]\n  spinand_manufacturer_match+0x6e/0xa0 [spinand]\n  spinand_probe+0x357/0x7f0 [spinand]\n  ? kernfs_activate+0x87/0xd0\n  spi_mem_probe+0x7a/0xb0\n  spi_probe+0x7d/0x130",
  "id": "GHSA-8g7v-9g36-5jm6",
  "modified": "2025-05-20T18:30:54Z",
  "published": "2025-05-20T18:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37896"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1915dbd67dadc0bb35670c8e28229baa29368d17"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8e4d3d8a5e51e07bd0d6cdd81b5e4af79f796927"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.