← volver
CVE-2026-53344

pinctrl: mcp23s08: Initialize mcp->dev and mcp->addr before regmap init

EPSS 0.1%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 jul 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Initialize mcp->dev and mcp->addr before regmap init Regmap initialization triggers regcache_maple_populate() which attempts SPI read to populate cache. SPI read requires mcp->dev and mcp->addr to be set, without them, NULL pointer dereference occurs during probe. Move initialization before mcp23s08_spi_regmap_init() call.
Productos afectados
Linux · Linux