Description

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: unregister ECC engine on probe error and device remove The on-host hardware ECC engine remains registered both when the spi_register_controller() function returns with an error and also on device removal. Change the qcom_spi_probe() function to unregister the engine on the error path, and add the missing unregistering call to qcom_spi_remove() to avoid possible use-after-free issues.

INFO

Published Date :

2025-10-01T07:42:42.344Z

Last Modified :

2026-01-14T19:33:13.571Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-39893 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-39893.

URL Resource
https://git.kernel.org/stable/c/1991a458528588ff34e98b6365362560d208710f cve-icon cve-icon
https://git.kernel.org/stable/c/e4de48e66af17547727bb2e4b1867952817edff7 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025100115-CVE-2025-39893-6653@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-39893 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-39893 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact