CVE-2025-38654
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-22
Last updated on: 2025-11-26
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: canaan: k230: Fix order of DT parse and pinctrl register
Move DT parse before pinctrl register. This ensures that device tree
parsing is done before calling devm_pinctrl_register() to prevent using
uninitialized pin resources.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves the pinctrl driver for canaan k230. The issue was that the device tree (DT) parsing was done after the pinctrl register, which could lead to using uninitialized pin resources. The fix was to move the DT parsing before the pinctrl register to ensure proper initialization.
How can this vulnerability impact me? :
The vulnerability could cause the system to use uninitialized pin resources, potentially leading to incorrect hardware behavior or system instability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70