ghsa-99cm-3rm5-ghgx
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
spi: rockchip-sfc: Fix DMA-API usage
Use DMA-API dma_map_single() call for getting the DMA address of the transfer buffer instead of hacking with virt_to_phys().
This fixes the following DMA-API debug warning: ------------[ cut here ]------------ DMA-API: rockchip-sfc fe300000.spi: device driver tries to sync DMA memory it has not allocated [device address=0x000000000cf70000] [size=288 bytes] WARNING: kernel/dma/debug.c:1106 at check_sync+0x1d8/0x690, CPU#2: systemd-udevd/151 Modules linked in: ... Hardware name: Hardkernel ODROID-M1 (DT) pstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : check_sync+0x1d8/0x690 lr : check_sync+0x1d8/0x690 .. Call trace: check_sync+0x1d8/0x690 (P) debug_dma_sync_single_for_cpu+0x84/0x8c __dma_sync_single_for_cpu+0x88/0x234 rockchip_sfc_exec_mem_op+0x4a0/0x798 [spi_rockchip_sfc] spi_mem_exec_op+0x408/0x498 spi_nor_read_data+0x170/0x184 spi_nor_read_sfdp+0x74/0xe4 spi_nor_parse_sfdp+0x120/0x11f0 spi_nor_sfdp_init_params_deprecated+0x3c/0x8c spi_nor_scan+0x690/0xf88 spi_nor_probe+0xe4/0x304 spi_mem_probe+0x6c/0xa8 spi_probe+0x94/0xd4 really_probe+0xbc/0x298 ...
{
"affected": [],
"aliases": [
"CVE-2025-40356"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-16T14:15:47Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: rockchip-sfc: Fix DMA-API usage\n\nUse DMA-API dma_map_single() call for getting the DMA address of the\ntransfer buffer instead of hacking with virt_to_phys().\n\nThis fixes the following DMA-API debug warning:\n------------[ cut here ]------------\nDMA-API: rockchip-sfc fe300000.spi: device driver tries to sync DMA memory it has not allocated [device address=0x000000000cf70000] [size=288 bytes]\nWARNING: kernel/dma/debug.c:1106 at check_sync+0x1d8/0x690, CPU#2: systemd-udevd/151\nModules linked in: ...\nHardware name: Hardkernel ODROID-M1 (DT)\npstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : check_sync+0x1d8/0x690\nlr : check_sync+0x1d8/0x690\n..\nCall trace:\n check_sync+0x1d8/0x690 (P)\n debug_dma_sync_single_for_cpu+0x84/0x8c\n __dma_sync_single_for_cpu+0x88/0x234\n rockchip_sfc_exec_mem_op+0x4a0/0x798 [spi_rockchip_sfc]\n spi_mem_exec_op+0x408/0x498\n spi_nor_read_data+0x170/0x184\n spi_nor_read_sfdp+0x74/0xe4\n spi_nor_parse_sfdp+0x120/0x11f0\n spi_nor_sfdp_init_params_deprecated+0x3c/0x8c\n spi_nor_scan+0x690/0xf88\n spi_nor_probe+0xe4/0x304\n spi_mem_probe+0x6c/0xa8\n spi_probe+0x94/0xd4\n really_probe+0xbc/0x298\n ...",
"id": "GHSA-99cm-3rm5-ghgx",
"modified": "2025-12-16T15:30:43Z",
"published": "2025-12-16T15:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40356"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/22810d4cb0e8a7d51b24527e73beac60afc1c693"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ee795e82e10197c070efd380dc9615c73dffad6c"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.