CVE-2025-38655

Summary

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: canaan: k230: add NULL check in DT parse

Add a NULL check for the return value of of_get_property() when retrieving the "pinmux" property in the group parser. This avoids a potential NULL pointer dereference if the property is missing from the device tree node.

Also fix a typo ("sintenel") in the device ID match table comment, correcting it to "sentinel".

Affected Software

VendorProductVersion RangeStatus
LinuxLinux545887eab6f6776a7477fe7e83860eab57138b03 < b5ae84aeff60b8819e8568ff0c57590caed9e6d3affected
LinuxLinux545887eab6f6776a7477fe7e83860eab57138b03 < 5d324b262c0ff256b8d603596574d66267b6394faffected
LinuxLinux545887eab6f6776a7477fe7e83860eab57138b03 < 65bd0be486390fc12a84eafaad78758c5e5a55e6affected
LinuxLinux6.13affected
LinuxLinux0 < 6.13unaffected
LinuxLinux6.15.10 <= 6.15.*unaffected
LinuxLinux6.16.1 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References