CVE-2026-46269 – pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree

CVE ID :CVE-2026-46269

Published : June 3, 2026, 6:16 p.m. | 16 minutes ago

Description :In the Linux kernel, the following vulnerability has been resolved:

pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree

When probing the k230 pinctrl driver, the kernel triggers a NULL pointer
dereference. The crash trace showed:
[ 0.732084] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000068
[ 0.740737] …
[ 0.776296] epc : k230_pinctrl_probe+0x1be/0x4fc

In k230_pinctrl_parse_functions(), we attempt to retrieve the device
pointer via info->pctl_dev->dev, but info->pctl_dev is only initialized
after k230_pinctrl_parse_dt() completes.

At the time of DT parsing, info->pctl_dev is still NULL, leading to
the invalid dereference of info->pctl_dev->dev.

Use the already available device pointer from platform_device
instead of accessing through uninitialized pctl_dev.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-46273 – ibmveth: Disable GSO for packets with small MSS

CVE-2026-46272 – coresight: tmc-etr: Fix race condition between sysfs and perf mode

CVE-2026-46271 – wifi: ath12k: do WoW offloads only on primary link

CVE-2026-46270 – power: supply: rt9455: Fix use-after-free in power_supply_changed()