In the Linux kernel, the following vulnerability has been resolved:
pinctrl: pinconf-generic: Fully validate 'pinmux' property
The pinconf_generic_parse_dt_pinmux() assumes that the 'pinmux' property
is not empty when present. This might be not true. With that, the allocator
will give a special value in return and not NULL which lead to the crash
when trying to access that (invalid) memory. Fix that by fully validating
'pinmux' value, including its length.
| Score | Percentile |
|---|---|
| 0.15% | 4.95% |
No CVSS scores in this advisory.
| Type | Value |
|---|---|
| GHSA | GHSA-4qpg-p2c6-564v ↗ |
| CVE | CVE-2026-53307 ↗ |