CVE-2025-40005
Published: Oct 20, 2025
Modified: Jun 1, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Implement refcount to handle unbind during busy driver support indirect read and indirect write operation with assumption no force device removal(unbind) operation. However force device removal(removal) is still available to root superuser. Unbinding driver during operation causes kernel crash. This changes ensure driver able to handle such operation for indirect read and indirect write by implementing refcount to track attached devices to the controller and gracefully wait and until attached devices remove operation completed before proceed with removal operation.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected a314f6367787ee1d767df9a2120f17e4511144d0 - < 8ce3ebbe5c718940b4e94f5c25f5720223f893f8affected a314f6367787ee1d767df9a2120f17e4511144d0 - < 56787f4a75907ae99b5f5842b756fa68e2482f6daffected a314f6367787ee1d767df9a2120f17e4511144d0 - < 8df235f768cea7a5829cb02525622646eb0df5f5affected a314f6367787ee1d767df9a2120f17e4511144d0 - < 65ed52200080eafce3eead05cf22ce01238defcaaffected a314f6367787ee1d767df9a2120f17e4511144d0 - < b7ec8a2b094a33d0464958c2cbf75b8f229098b0+1 more versions |
Linux | Linux | affected 5.9unaffected 0 - < 5.9unaffected 5.15.209 - <= 5.15.*unaffected 6.1.167 - <= 6.1.*unaffected 6.6.125 - <= 6.6.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now