CVE-2025-21793

MEDIUM

Linux Kernel - Division by Zero in SPI SN-F-OSPI Driver

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: spi: sn-f-ospi: Fix division by zero When there is no dummy cycle in the spi-nor commands, both dummy bus cycle bytes and width are zero. Because of the cpu's warning when divided by zero, the warning should be avoided. Return just zero to avoid such calculations.

References (4)

[Patch] https://git.kernel.org/stable/c/3588b1c0fde2f58d166e3f94a5a58d64b893526c

[Patch] https://git.kernel.org/stable/c/4df6f005bef04a3dd16c028124a1b5684db3922b

[Patch] https://git.kernel.org/stable/c/7434135553bc03809a55803ee6a8dcaae6240d55

[Patch] https://git.kernel.org/stable/c/966328191b4c389c0f2159fa242915f51cbc1679

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 1.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-369

Status published

Products (5)

linux/Kernel 6.13.0 - 6.13.4linux

linux/Kernel 6.2.0 - 6.6.79linux

linux/Kernel 6.7.0 - 6.12.16linux

linux/linux_kernel 6.14 rc1 (2 CPE variants)

linux/linux_kernel 6.2 - 6.6.79

Published Feb 27, 2025

Tracked Since Feb 18, 2026