PT-2025-40095 · Linux+2 · Linux Kernel+2

Published 2025-10-01 · Updated 2025-10-01 · CVE-2025-39921

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A flaw exists in the Linux kernel's SPI subsystem, specifically within the microchip-core-qspi driver. A logic error introduced during a modification to the supports_op callback function causes an invalid check of op->max_freq during probe operations. This results in a division by zero when calculating baud_rate_val, leading to the failure of probe operations for attached memory devices. The issue stems from copying logic into mchp_coreqspi_supports_op() that relies on op->max_freq, which is zero during the probe phase.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2025-39921

Affected Products

Astra Linux
Linux Kernel
Microchip-Core-Qspi Driver