๐Ÿ” CVE Alert

CVE-2025-68773

UNKNOWN 0.0

spi: fsl-cpm: Check length parity before switching to 16 bit mode

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved:

spi: fsl-cpm: Check length parity before switching to 16 bit mode

Commit fc96ec826bce ("spi: fsl-cpm: Use 16 bit mode for large transfers with even size") failed to make sure that the size is really even before switching to 16 bit mode. Until recently the problem went unnoticed because kernfs uses a pre-allocated bounce buffer of size PAGE_SIZE for reading EEPROM. But commit 8ad6249c51d0 ("eeprom: at25: convert to spi-mem API") introduced an additional dynamically allocated bounce buffer whose size is exactly the size of the transfer, leading to a buffer overrun in the fsl-cpm driver when that size is odd.

Add the missing length parity verification and remain in 8 bit mode when the length is not even.

Vendor linux
Product linux
Published Jan 13, 2026
Last Updated May 11, 2026
Affected Versions

Linux / Linux
6.4

References

git.kernel.org: https://git.kernel.org/stable/c/c8f1d35076b78df61ace737e41cc1f4b7b63236c
git.kernel.org: https://git.kernel.org/stable/c/9c34a4a2ead00979d203a8c16bea87f0ef5291d8
git.kernel.org: https://git.kernel.org/stable/c/837a23a11e0f734f096c7c7b0778d0e625e3dc87
git.kernel.org: https://git.kernel.org/stable/c/3dd6d01384823e1bd8602873153d6fc4337ac4fe
git.kernel.org: https://git.kernel.org/stable/c/743cebcbd1b2609ec5057ab474979cef73d1b681
git.kernel.org: https://git.kernel.org/stable/c/be0b613198e6bfa104ad520397cab82ad3ec1771
git.kernel.org: https://git.kernel.org/stable/c/1417927df8049a0194933861e9b098669a95c762