CVE-2026-53237 (GCVE-0-2026-53237)
Vulnerability from cvelistv5 – Published: 2026-06-25 08:39 – Updated: 2026-06-25 08:39
VLAI?
Title
gpio: mvebu: fix NULL pointer dereference in suspend/resume
Summary
In the Linux kernel, the following vulnerability has been resolved:
gpio: mvebu: fix NULL pointer dereference in suspend/resume
mvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO
banks during suspend/resume, but not all banks have PWM functionality.
GPIO banks without PWM have mvchip->mvpwm set to NULL.
Calling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer
dereference when it tries to access mvpwm->blink_select.
Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write
[00000020] *pgd=00000000
Internal error: Oops: 815 [#1] PREEMPT ARM
Modules linked in:
CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353
Hardware name: Marvell Armada 370/XP (Device Tree)
PC is at regmap_mmio_read+0x38/0x54
LR is at regmap_mmio_read+0x38/0x54
pc : [<c05fd2ac>] lr : [<c05fd2ac>] psr: 200f0013
sp : f0c11d10 ip : 00000000 fp : c100d2f0
r10: c14fb854 r9 : 00000000 r8 : 00000000
r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0
r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000
Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
Control: 10c5387d Table: 135ec059 DAC: 00000051
Call trace:
regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac
_regmap_bus_reg_read from _regmap_read+0x60/0x154
_regmap_read from regmap_read+0x3c/0x60
regmap_read from mvebu_gpio_suspend+0xa4/0x14c
mvebu_gpio_suspend from dpm_run_callback+0x54/0x180
dpm_run_callback from device_suspend+0x124/0x630
device_suspend from dpm_suspend+0x124/0x270
dpm_suspend from dpm_suspend_start+0x64/0x6c
dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8
suspend_devices_and_enter from pm_suspend+0x2fc/0x308
pm_suspend from state_store+0x6c/0xc8
state_store from kernfs_fop_write_iter+0x10c/0x1f8
kernfs_fop_write_iter from vfs_write+0x270/0x468
vfs_write from ksys_write+0x70/0xf0
ksys_write from ret_fast_syscall+0x0/0x54
Add a NULL check for mvchip->mvpwm before calling the PWM
suspend/resume functions.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Affected:
757642f9a584e893f3f4e50c99b674ee8a3ed363 , < 7db09011ce62162d72897fc4856b4425245dfe35
(git)
Affected: 757642f9a584e893f3f4e50c99b674ee8a3ed363 , < 4ef24338eda3c7e96d6f94a988266ff16ed3985d (git) Affected: 757642f9a584e893f3f4e50c99b674ee8a3ed363 , < 6136c1474db88272231573e222896e1998d34662 (git) Affected: 757642f9a584e893f3f4e50c99b674ee8a3ed363 , < c9677a9274ffb44987ec209dc8ec9f2d34946956 (git) Affected: 757642f9a584e893f3f4e50c99b674ee8a3ed363 , < b9ad50d7505ebd48282ec3630258dc820fc85c81 (git) |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpio/gpio-mvebu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7db09011ce62162d72897fc4856b4425245dfe35",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
},
{
"lessThan": "4ef24338eda3c7e96d6f94a988266ff16ed3985d",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
},
{
"lessThan": "6136c1474db88272231573e222896e1998d34662",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
},
{
"lessThan": "c9677a9274ffb44987ec209dc8ec9f2d34946956",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
},
{
"lessThan": "b9ad50d7505ebd48282ec3630258dc820fc85c81",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpio/gpio-mvebu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.143",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.94",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.*",
"status": "unaffected",
"version": "7.0.13",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.1",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.143",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.94",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.36",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.13",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1",
"versionStartIncluding": "4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mvebu: fix NULL pointer dereference in suspend/resume\n\nmvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO\nbanks during suspend/resume, but not all banks have PWM functionality.\nGPIO banks without PWM have mvchip-\u003emvpwm set to NULL.\n\nCalling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer\ndereference when it tries to access mvpwm-\u003eblink_select.\n\n Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write\n [00000020] *pgd=00000000\n Internal error: Oops: 815 [#1] PREEMPT ARM\n Modules linked in:\n CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353\n Hardware name: Marvell Armada 370/XP (Device Tree)\n PC is at regmap_mmio_read+0x38/0x54\n LR is at regmap_mmio_read+0x38/0x54\n pc : [\u003cc05fd2ac\u003e] lr : [\u003cc05fd2ac\u003e] psr: 200f0013\n sp : f0c11d10 ip : 00000000 fp : c100d2f0\n r10: c14fb854 r9 : 00000000 r8 : 00000000\n r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0\n r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000\n Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\n Control: 10c5387d Table: 135ec059 DAC: 00000051\n Call trace:\n regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac\n _regmap_bus_reg_read from _regmap_read+0x60/0x154\n _regmap_read from regmap_read+0x3c/0x60\n regmap_read from mvebu_gpio_suspend+0xa4/0x14c\n mvebu_gpio_suspend from dpm_run_callback+0x54/0x180\n dpm_run_callback from device_suspend+0x124/0x630\n device_suspend from dpm_suspend+0x124/0x270\n dpm_suspend from dpm_suspend_start+0x64/0x6c\n dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8\n suspend_devices_and_enter from pm_suspend+0x2fc/0x308\n pm_suspend from state_store+0x6c/0xc8\n state_store from kernfs_fop_write_iter+0x10c/0x1f8\n kernfs_fop_write_iter from vfs_write+0x270/0x468\n vfs_write from ksys_write+0x70/0xf0\n ksys_write from ret_fast_syscall+0x0/0x54\n\nAdd a NULL check for mvchip-\u003emvpwm before calling the PWM\nsuspend/resume functions."
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T08:39:33.833Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7db09011ce62162d72897fc4856b4425245dfe35"
},
{
"url": "https://git.kernel.org/stable/c/4ef24338eda3c7e96d6f94a988266ff16ed3985d"
},
{
"url": "https://git.kernel.org/stable/c/6136c1474db88272231573e222896e1998d34662"
},
{
"url": "https://git.kernel.org/stable/c/c9677a9274ffb44987ec209dc8ec9f2d34946956"
},
{
"url": "https://git.kernel.org/stable/c/b9ad50d7505ebd48282ec3630258dc820fc85c81"
}
],
"title": "gpio: mvebu: fix NULL pointer dereference in suspend/resume",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-53237",
"datePublished": "2026-06-25T08:39:33.833Z",
"dateReserved": "2026-06-09T07:44:35.393Z",
"dateUpdated": "2026-06-25T08:39:33.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…