CVE-2025-38266

CVE-2025-38266 affects the Linux kernel pinctrl/mediatek EINT path. The root cause was an invalid dereference: a function (mtk_eint_do_init) could be called with a version of struct mtk_pinctrl that lacks the required soc field when using v1 drivers, leading to a potential crash on certain boards...

CVE-2022-49608 pinctrl: ralink: Check for null return of devm_kcalloc

In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for null return of devmkcalloc Because of the possible failure of the allocation, data-domains might be NULL pointer and will cause the dereference of the NULL pointer later. Therefore, it might be better t...

CVE-2022-49449

The CVE-2022-49449 issue affects Linux kernel pinctrl: renesas: rzn1. The root cause is a possible null-ptr-deref when using 'res' if platform_get_resource() returns NULL. The patch defers dereferencing 'res' by performing devm_ioremap_resource() first (which validates the resource) and then uses...

CVE-2024-57889

CVE-2024-57889 is resolved in the Linux kernel via a patch to the pinctrl-mcp23s08 driver. The issue occurred when using MCP23xxx IO expanders to receive IRQs, where regmap locking (mutex) around regmap_update_bits_base was invoked from a context that held a spinlock in __setup_irq(), leading to ...