Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconf_generic_parse_dt_pinmux() assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value in return and not NULL which lead to the crash when trying to access that (invalid) memory. Fix that by fully validating 'pinmux' value, including its length.
References
- https://git.kernel.org/stable/c/6476aac13805721e16439bd71f0e1703a4154517
- https://git.kernel.org/stable/c/b7842b722169359e7ffe4b838d2496e9e72ac996
- https://git.kernel.org/stable/c/c98324ea7849b6e5baa1774f71709b375a2c2f9e
FAQ
What is CVE-2026-53307?
CVE-2026-53307 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconf_generic_parse_dt_pinmux() assumes that the 'pinmux' propert...
How severe is CVE-2026-53307?
CVSS scoring is not yet available for CVE-2026-53307. Check NVD for updates.
Is there a patch for CVE-2026-53307?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.