CVE-2026-23202
Severity
5.5MEDIUM
EPSS
0.0%
top 94.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 14
Latest updateApr 13
Description
In the Linux kernel, the following vulnerability has been resolved:
spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer
The curr_xfer field is read by the IRQ handler without holding the lock
to check if a transfer is in progress. When clearing curr_xfer in the
combined sequence transfer loop, protect it with the spinlock to prevent
a race with the interrupt handler.
Protect the curr_xfer clearing at the exit path of
tegra_qspi_combined_seq_xfer() with the spinlock to preven…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linux88db8bb7ed1bb474618acdf05ebd4f0758d244e2 — 9fa4262a80f751d14a6a39d2c03f57db68da2618+11
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-g2fg-h3fh-wpj6: In the Linux kernel, the following vulnerability has been resolved:
spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer
The curr_x↗2026-02-14
OSV▶
CVE-2026-23202: In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer The curr_xfe↗2026-02-14
📋Vendor Advisories
5Debian▶
CVE-2026-23202: linux - In the Linux kernel, the following vulnerability has been resolved: spi: tegra2...↗2026