Primary

Context

Linux Kernel Cadence QuadSPI Driver Unclocked Access Vulnerability During Unbind

Vulnerability

Patched

A vulnerability has been identified in the Linux kernel's Cadence QuadSPI driver, where an unclocked access to registers can occur during the driver unbind process. This issue arises because the controller is not properly runtime resumed before being disabled, leading to the unclocked access. The vulnerability affects the Linux kernel stable tree, specifically in versions prior to the latest commit that addresses this issue.

Impact

The vulnerability can lead to unclocked access on the Cadence QuadSPI controller, potentially causing undefined behavior or errors in register handling.

Remediation

Users can apply the latest patch available in the Linux kernel stable tree to address this vulnerability. The patch can be downloaded as part of the Linux source code snapshot corresponding to the commit that fixes the issue.

Added: May 28, 2026, 11:32 AM

Updated: May 28, 2026, 11:32 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

1.3

exploitability

3.1

remediation

7.7

relevance

9.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

1.3

exploitability

3.1

remediation

7.7

relevance

9.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Cadence QuadSPI Driver Unclocked Access Vulnerability During Unbind

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating