CVE-2025-68222
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc s32_pinctrl_desc is allocated with devm_kmalloc(), but not all of its fields are initialized. Notably, num_custom_params is used in pinconf_generic_parse_dt_config(), resulting in intermittent allocation errors, such as the following splat when probing i2c-imx: WARNING: CPU: 0 PID: 176 at mm/page_alloc.c:4795 __alloc_pages_noprof+0x290/0x300 [...] Hardware name: NXP S32G3 Reference Design Board 3 (S32G-VNP-RDB3) (DT) [...] Call trace: __alloc_pages_noprof+0x290/0x300 (P) ___kmalloc_large_node+0x84/0x168 __kmalloc_large_node_noprof+0x34/0x120 __kmalloc_noprof+0x2ac/0x378 pinconf_generic_parse_dt_config+0x68/0x1a0 s32_dt_node_to_map+0x104/0x248 dt_to_map_one_config+0x154/0x1d8 pinctrl_dt_to_map+0x12c/0x280 create_pinctrl+0x6c/0x270 pinctrl_get+0xc0/0x170 devm_pinctrl_get+0x50/0xa0 pinctrl_bind_pins+0x60/0x2a0 really_probe+0x60/0x3a0 [...] __platform_driver_register+0x2c/0x40 i2c_adap_imx_init+0x28/0xff8 [i2c_imx] [...] This results in later parse failures that can cause issues in dependent drivers: s32g-siul2-pinctrl 4009c240.pinctrl: /soc@0/pinctrl@4009c240/i2c0-pins/i2c0-grp0: could not parse node property s32g-siul2-pinctrl 4009c240.pinctrl: /soc@0/pinctrl@4009c240/i2c0-pins/i2c0-grp0: could not parse node property [...] pca953x 0-0022: failed writing register: -6 i2c i2c-0: IMX I2C adapter registered s32g-siul2-pinctrl 4009c240.pinctrl: /soc@0/pinctrl@4009c240/i2c2-pins/i2c2-grp0: could not parse node property s32g-siul2-pinctrl 4009c240.pinctrl: /soc@0/pinctrl@4009c240/i2c2-pins/i2c2-grp0: could not parse node property i2c i2c-1: IMX I2C adapter registered s32g-siul2-pinctrl 4009c240.pinctrl: /soc@0/pinctrl@4009c240/i2c4-pins/i2c4-grp0: could not parse node property s32g-siul2-pinctrl 4009c240.pinctrl: /soc@0/pinctrl@4009c240/i2c4-pins/i2c4-grp0: could not parse node property i2c i2c-2: IMX I2C adapter registered Fix this by initializing s32_pinctrl_desc with devm_kzalloc() instead of devm_kmalloc() in s32_pinctrl_probe(), which sets the previously uninitialized fields to zero.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-18
Generated
2026-05-07
AI Q&A
2025-12-16
EPSS Evaluated
2026-05-05
NVD
CVE-2025-68222
EUVD
EUVD-2025-203674
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nxp s32g3 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is in the Linux kernel's pinctrl driver for the NXP S32G3 platform. The issue arises because the s32_pinctrl_desc structure is allocated with devm_kmalloc() but not all its fields are initialized. Specifically, the num_custom_params field is uninitialized and later used in pinconf_generic_parse_dt_config(), which can cause intermittent allocation errors and parsing failures when probing certain devices like i2c-imx. This leads to errors and failures in dependent drivers due to uninitialized memory usage. The fix involves changing the allocation to devm_kzalloc(), which zero-initializes the structure, preventing these errors.


How can this vulnerability impact me? :

This vulnerability can cause intermittent allocation errors and parsing failures in the Linux kernel's pinctrl driver on affected hardware. As a result, dependent drivers, such as those for I2C adapters, may fail to initialize or operate correctly, leading to hardware communication issues or device malfunctions on systems using the affected NXP S32G3 platform.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking the system logs for specific error messages related to pinctrl and i2c-imx probing failures. Look for warnings such as 'WARNING: CPU: 0 PID: ... at mm/page_alloc.c' and messages indicating parse failures like 's32g-siul2-pinctrl ... could not parse node property' and 'failed writing register: -6'. You can use commands like 'dmesg | grep pinctrl' or 'journalctl -k | grep pinctrl' to find these messages in the kernel logs.


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation is to update the Linux kernel to a version where the s32_pinctrl_desc structure is properly initialized using devm_kzalloc() instead of devm_kmalloc() in the s32_pinctrl_probe() function. This ensures that uninitialized fields are zeroed out, preventing the allocation errors and parse failures. Until an update is applied, monitoring for the error messages and avoiding affected hardware configurations may help reduce impact.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart