fkie_cve-2025-38655
Vulnerability from fkie_nvd
Published
2025-08-22 16:15
Modified
2025-08-22 18:08
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: add NULL check in DT parse Add a NULL check for the return value of of_get_property() when retrieving the "pinmux" property in the group parser. This avoids a potential NULL pointer dereference if the property is missing from the device tree node. Also fix a typo ("sintenel") in the device ID match table comment, correcting it to "sentinel".
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5d324b262c0ff256b8d603596574d66267b6394f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/65bd0be486390fc12a84eafaad78758c5e5a55e6
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b5ae84aeff60b8819e8568ff0c57590caed9e6d3
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: canaan: k230: add NULL check in DT parse\n\nAdd a NULL check for the return value of of_get_property() when\nretrieving the \"pinmux\" property in the group parser. This avoids\na potential NULL pointer dereference if the property is missing\nfrom the device tree node.\n\nAlso fix a typo (\"sintenel\") in the device ID match table comment,\ncorrecting it to \"sentinel\"."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pinctrl: canaan: k230: a\u00f1adir comprobaci\u00f3n NULL en el an\u00e1lisis DT. Se a\u00f1ade una comprobaci\u00f3n NULL para el valor de retorno de of_get_property() al recuperar la propiedad \"pinmux\" en el analizador de grupo. Esto evita una posible desreferencia de puntero NULL si la propiedad no se encuentra en el nodo del \u00e1rbol de dispositivos. Tambi\u00e9n se corrige un error tipogr\u00e1fico (\"sintenel\") en el comentario de la tabla de coincidencias de ID de dispositivo, corrigi\u00e9ndolo a \"sentinel\"."
    }
  ],
  "id": "CVE-2025-38655",
  "lastModified": "2025-08-22T18:08:51.663",
  "metrics": {},
  "published": "2025-08-22T16:15:40.493",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5d324b262c0ff256b8d603596574d66267b6394f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/65bd0be486390fc12a84eafaad78758c5e5a55e6"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b5ae84aeff60b8819e8568ff0c57590caed9e6d3"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.