CVE-2016-10764: kernel: off by one in function cqspi_setup_flash() in drivers/mtd/spi-nor/cadence-quadspi.c

Severity: Critical

CVSS Score: 9.8

In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.