CVE-2025-71299

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the spi: cadence-quadspi driver where a runtime PM (Power Management) disable operation in the probe() function error paths can trigger duplicate clock disables. This occurs because the probe() function manually disables clocks while runtime PM may also release the same reference to the main clock for the IP, leading to warnings from the clock subsystem. This behavior is more likely to occur when there is missing or broken Device Tree (DT) description for the flashes attached to the controller.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.