Linux Kernel SPI-NOR SST Write Operation Vulnerability Leading to Kernel Crash

Vulnerability

A vulnerability in the Linux kernel's SPI-NOR driver for SST devices has been introduced by a recent commit. This vulnerability causes only one byte of data to be written, regardless of the actual amount specified. As a result, a kernel crash occurs during the write process. The issue arises in version 6.12.0, as indicated by the call trace included in the commit.

Impact

Exploitation of this vulnerability leads to a kernel crash, disrupting system operations and potentially causing data loss or corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SPI-NOR SST Write Operation Vulnerability Leading to Kernel Crash

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating