CVE-2026-46269
Analyzed - Analysis Complete
NULL Pointer Dereference in Linux Kernel K230 Pinctrl Driver

Publication date: 2026-06-03

Last updated on: 2026-06-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree

When probing the k230 pinctrl driver, the kernel triggers a NULL pointer dereference. The crash trace showed:

  [ 0.732084] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000068
  [ 0.740737] ...
  [ 0.776296] epc : k230_pinctrl_probe+0x1be/0x4fc

In k230_pinctrl_parse_functions(), we attempt to retrieve the device pointer via info->pctl_dev->dev, but info->pctl_dev is only initialized after k230_pinctrl_parse_dt() completes. At the time of DT parsing, info->pctl_dev is still NULL, leading to the invalid dereference of info->pctl_dev->dev.

Use the already available device pointer from platform_device instead of accessing through uninitialized pctl_dev.

Meta Information

Published: 2026-06-03
Last Modified: 2026-06-09
Generated: 2026-06-24
AI Q&A: 2026-06-03
EPSS Evaluated: 2026-06-22

Affected Vendors & Products
Showing 3 associated CPEs

Vendor  Product       Version / Range
linux   linux_kernel  From 6.15.10 (inc) to 6.16 (exc)
linux   linux_kernel  From 6.19 (inc) to 6.19.4 (exc)
linux   linux_kernel  From 6.16.1 (inc) to 6.18.14 (exc)

CWE ID   Description
CWE-476  The product dereferences a pointer that it expects to be valid but is NULL.

Executive Summary

This vulnerability occurs in the Linux kernel's k230 pinctrl driver when it tries to parse the device tree. During this process, the driver attempts to access a device pointer through an uninitialized structure, specifically info->pctl_dev->dev, where info->pctl_dev is still NULL. This leads to a NULL pointer dereference, causing the kernel to crash.

The root cause is that the device pointer is accessed before it is properly initialized. The fix involves using the device pointer already available from the platform_device instead of the uninitialized pctl_dev pointer.

Impact Analysis

This vulnerability can cause the Linux kernel to crash due to a NULL pointer dereference when the k230 pinctrl driver is probed. Such a crash can lead to system instability, denial of service, or unexpected reboots, potentially disrupting normal operations on affected devices using this driver.

Detection Guidance

This vulnerability causes a NULL pointer dereference in the Linux kernel when probing the k230 pinctrl driver, leading to a kernel crash.

Detection can be done by monitoring kernel logs for crash traces similar to the following message:

  • [ 0.732084] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000068
  • [ 0.776296] epc : k230_pinctrl_probe+0x1be/0x4fc

You can check the kernel logs using commands such as:

  • dmesg | grep -i 'k230_pinctrl_probe'
  • journalctl -k | grep -i 'NULL pointer dereference'
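
Each grep above matches a single line, and the fault message on its own appears in any NULL dereference oops. As an added example (not part of the original advisory or of the kernel project), the function below reports a hit only when that message is followed by an epc line inside k230_pinctrl_probe. The function name, the WINDOW default and the second sample log are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: correlate the two oops lines quoted in this advisory.
# Reads kernel log text on stdin; exit status 0 = signature found, 1 = not found.
# WINDOW (how many lines after the fault line to search for the epc line) is an
# assumed value, not taken from the advisory.
k230_oops_check() {
    awk -v window="${WINDOW:-30}" '
        /Unable to handle kernel NULL pointer dereference/ {
            fault = $0; left = window; next
        }
        left > 0 {
            left--
            # The epc line names the faulting function; only this one is relevant.
            if ($0 ~ /epc[ \t]*:[ \t]*k230_pinctrl_probe[+]/) {
                print fault; print $0
                found = 1; left = 0
            } else if ($0 ~ /epc[ \t]*:/) {
                left = 0   # epc points elsewhere: a different crash
            }
        }
        END { exit(found ? 0 : 1) }
    '
}

# Constructed sample: the trace lines quoted in the advisory, including its "..." gap.
SAMPLE_K230='[ 0.732084] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000068
[ 0.740737] ...
[ 0.776296] epc : k230_pinctrl_probe+0x1be/0x4fc'

# Constructed sample: same fault text, epc in a made-up function name.
SAMPLE_OTHER='[ 1.000000] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
[ 1.000100] epc : example_other_probe+0x10/0x80'

# On a live system: dmesg | k230_oops_check   or   journalctl -k | k230_oops_check
printf '%s\n' "$SAMPLE_K230" | k230_oops_check && echo "k230 pinctrl probe oops present"
```

Because the crash happens during probe at boot, a log captured over a serial console or from a previous boot can be piped in the same way.
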
Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version where the k230 pinctrl driver has been fixed.

The fix involves using the already available device pointer from platform_device instead of accessing through the uninitialized pctl_dev pointer.

Until the update is applied, avoid probing or using the k230 pinctrl driver to prevent kernel crashes.
