CVE-2026-53237 (GCVE-0-2026-53237)
Vulnerability from cvelistv5 – Published: 2026-06-25 08:39 – Updated: 2026-06-25 08:39
VLAI
Title
gpio: mvebu: fix NULL pointer dereference in suspend/resume
Summary
In the Linux kernel, the following vulnerability has been resolved:
gpio: mvebu: fix NULL pointer dereference in suspend/resume
mvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO
banks during suspend/resume, but not all banks have PWM functionality.
GPIO banks without PWM have mvchip->mvpwm set to NULL.
Calling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer
dereference when it tries to access mvpwm->blink_select.
Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write
[00000020] *pgd=00000000
Internal error: Oops: 815 [#1] PREEMPT ARM
Modules linked in:
CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353
Hardware name: Marvell Armada 370/XP (Device Tree)
PC is at regmap_mmio_read+0x38/0x54
LR is at regmap_mmio_read+0x38/0x54
pc : [<c05fd2ac>] lr : [<c05fd2ac>] psr: 200f0013
sp : f0c11d10 ip : 00000000 fp : c100d2f0
r10: c14fb854 r9 : 00000000 r8 : 00000000
r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0
r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000
Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
Control: 10c5387d Table: 135ec059 DAC: 00000051
Call trace:
regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac
_regmap_bus_reg_read from _regmap_read+0x60/0x154
_regmap_read from regmap_read+0x3c/0x60
regmap_read from mvebu_gpio_suspend+0xa4/0x14c
mvebu_gpio_suspend from dpm_run_callback+0x54/0x180
dpm_run_callback from device_suspend+0x124/0x630
device_suspend from dpm_suspend+0x124/0x270
dpm_suspend from dpm_suspend_start+0x64/0x6c
dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8
suspend_devices_and_enter from pm_suspend+0x2fc/0x308
pm_suspend from state_store+0x6c/0xc8
state_store from kernfs_fop_write_iter+0x10c/0x1f8
kernfs_fop_write_iter from vfs_write+0x270/0x468
vfs_write from ksys_write+0x70/0xf0
ksys_write from ret_fast_syscall+0x0/0x54
Add a NULL check for mvchip->mvpwm before calling the PWM
suspend/resume functions.
Severity
No CVSS data available.
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
757642f9a584e893f3f4e50c99b674ee8a3ed363 , < 7db09011ce62162d72897fc4856b4425245dfe35
(git)
Affected: 757642f9a584e893f3f4e50c99b674ee8a3ed363 , < 4ef24338eda3c7e96d6f94a988266ff16ed3985d (git) Affected: 757642f9a584e893f3f4e50c99b674ee8a3ed363 , < 6136c1474db88272231573e222896e1998d34662 (git) Affected: 757642f9a584e893f3f4e50c99b674ee8a3ed363 , < c9677a9274ffb44987ec209dc8ec9f2d34946956 (git) Affected: 757642f9a584e893f3f4e50c99b674ee8a3ed363 , < b9ad50d7505ebd48282ec3630258dc820fc85c81 (git) |
|
| Linux | Linux |
Affected:
4.12
Unaffected: 0 , < 4.12 (semver) Unaffected: 6.6.143 , ≤ 6.6.* (semver) Unaffected: 6.12.94 , ≤ 6.12.* (semver) Unaffected: 6.18.36 , ≤ 6.18.* (semver) Unaffected: 7.0.13 , ≤ 7.0.* (semver) Unaffected: 7.1 , ≤ * (original_commit_for_fix) |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpio/gpio-mvebu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7db09011ce62162d72897fc4856b4425245dfe35",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
},
{
"lessThan": "4ef24338eda3c7e96d6f94a988266ff16ed3985d",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
},
{
"lessThan": "6136c1474db88272231573e222896e1998d34662",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
},
{
"lessThan": "c9677a9274ffb44987ec209dc8ec9f2d34946956",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
},
{
"lessThan": "b9ad50d7505ebd48282ec3630258dc820fc85c81",
"status": "affected",
"version": "757642f9a584e893f3f4e50c99b674ee8a3ed363",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpio/gpio-mvebu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.143",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.94",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.*",
"status": "unaffected",
"version": "7.0.13",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.1",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.143",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.94",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.36",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.13",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1",
"versionStartIncluding": "4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mvebu: fix NULL pointer dereference in suspend/resume\n\nmvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO\nbanks during suspend/resume, but not all banks have PWM functionality.\nGPIO banks without PWM have mvchip-\u003emvpwm set to NULL.\n\nCalling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer\ndereference when it tries to access mvpwm-\u003eblink_select.\n\n Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write\n [00000020] *pgd=00000000\n Internal error: Oops: 815 [#1] PREEMPT ARM\n Modules linked in:\n CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353\n Hardware name: Marvell Armada 370/XP (Device Tree)\n PC is at regmap_mmio_read+0x38/0x54\n LR is at regmap_mmio_read+0x38/0x54\n pc : [\u003cc05fd2ac\u003e] lr : [\u003cc05fd2ac\u003e] psr: 200f0013\n sp : f0c11d10 ip : 00000000 fp : c100d2f0\n r10: c14fb854 r9 : 00000000 r8 : 00000000\n r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0\n r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000\n Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\n Control: 10c5387d Table: 135ec059 DAC: 00000051\n Call trace:\n regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac\n _regmap_bus_reg_read from _regmap_read+0x60/0x154\n _regmap_read from regmap_read+0x3c/0x60\n regmap_read from mvebu_gpio_suspend+0xa4/0x14c\n mvebu_gpio_suspend from dpm_run_callback+0x54/0x180\n dpm_run_callback from device_suspend+0x124/0x630\n device_suspend from dpm_suspend+0x124/0x270\n dpm_suspend from dpm_suspend_start+0x64/0x6c\n dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8\n suspend_devices_and_enter from pm_suspend+0x2fc/0x308\n pm_suspend from state_store+0x6c/0xc8\n state_store from kernfs_fop_write_iter+0x10c/0x1f8\n kernfs_fop_write_iter from vfs_write+0x270/0x468\n vfs_write from ksys_write+0x70/0xf0\n ksys_write from ret_fast_syscall+0x0/0x54\n\nAdd a NULL check for mvchip-\u003emvpwm before calling the PWM\nsuspend/resume functions."
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T08:39:33.833Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7db09011ce62162d72897fc4856b4425245dfe35"
},
{
"url": "https://git.kernel.org/stable/c/4ef24338eda3c7e96d6f94a988266ff16ed3985d"
},
{
"url": "https://git.kernel.org/stable/c/6136c1474db88272231573e222896e1998d34662"
},
{
"url": "https://git.kernel.org/stable/c/c9677a9274ffb44987ec209dc8ec9f2d34946956"
},
{
"url": "https://git.kernel.org/stable/c/b9ad50d7505ebd48282ec3630258dc820fc85c81"
}
],
"title": "gpio: mvebu: fix NULL pointer dereference in suspend/resume",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-53237",
"datePublished": "2026-06-25T08:39:33.833Z",
"dateReserved": "2026-06-09T07:44:35.393Z",
"dateUpdated": "2026-06-25T08:39:33.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-53237",
"date": "2026-07-01",
"epss": "0.00175",
"percentile": "0.07241"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-53237\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-06-25T09:16:41.597\",\"lastModified\":\"2026-06-30T14:44:27.313\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ngpio: mvebu: fix NULL pointer dereference in suspend/resume\\n\\nmvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO\\nbanks during suspend/resume, but not all banks have PWM functionality.\\nGPIO banks without PWM have mvchip-\u003emvpwm set to NULL.\\n\\nCalling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer\\ndereference when it tries to access mvpwm-\u003eblink_select.\\n\\n Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write\\n [00000020] *pgd=00000000\\n Internal error: Oops: 815 [#1] PREEMPT ARM\\n Modules linked in:\\n CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353\\n Hardware name: Marvell Armada 370/XP (Device Tree)\\n PC is at regmap_mmio_read+0x38/0x54\\n LR is at regmap_mmio_read+0x38/0x54\\n pc : [\u003cc05fd2ac\u003e] lr : [\u003cc05fd2ac\u003e] psr: 200f0013\\n sp : f0c11d10 ip : 00000000 fp : c100d2f0\\n r10: c14fb854 r9 : 00000000 r8 : 00000000\\n r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0\\n r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000\\n Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\\n Control: 10c5387d Table: 135ec059 DAC: 00000051\\n Call trace:\\n regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac\\n _regmap_bus_reg_read from _regmap_read+0x60/0x154\\n _regmap_read from regmap_read+0x3c/0x60\\n regmap_read from mvebu_gpio_suspend+0xa4/0x14c\\n mvebu_gpio_suspend from dpm_run_callback+0x54/0x180\\n dpm_run_callback from device_suspend+0x124/0x630\\n device_suspend from dpm_suspend+0x124/0x270\\n dpm_suspend from dpm_suspend_start+0x64/0x6c\\n dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8\\n suspend_devices_and_enter from pm_suspend+0x2fc/0x308\\n pm_suspend from state_store+0x6c/0xc8\\n state_store from kernfs_fop_write_iter+0x10c/0x1f8\\n kernfs_fop_write_iter from vfs_write+0x270/0x468\\n vfs_write from ksys_write+0x70/0xf0\\n ksys_write from ret_fast_syscall+0x0/0x54\\n\\nAdd a NULL check for mvchip-\u003emvpwm before calling the PWM\\nsuspend/resume functions.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"drivers/gpio/gpio-mvebu.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"757642f9a584e893f3f4e50c99b674ee8a3ed363\",\"lessThan\":\"7db09011ce62162d72897fc4856b4425245dfe35\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"757642f9a584e893f3f4e50c99b674ee8a3ed363\",\"lessThan\":\"4ef24338eda3c7e96d6f94a988266ff16ed3985d\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"757642f9a584e893f3f4e50c99b674ee8a3ed363\",\"lessThan\":\"6136c1474db88272231573e222896e1998d34662\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"757642f9a584e893f3f4e50c99b674ee8a3ed363\",\"lessThan\":\"c9677a9274ffb44987ec209dc8ec9f2d34946956\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"757642f9a584e893f3f4e50c99b674ee8a3ed363\",\"lessThan\":\"b9ad50d7505ebd48282ec3630258dc820fc85c81\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"drivers/gpio/gpio-mvebu.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"4.12\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"4.12\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.143\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.94\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.36\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0.13\",\"lessThanOrEqual\":\"7.0.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.1\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4ef24338eda3c7e96d6f94a988266ff16ed3985d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6136c1474db88272231573e222896e1998d34662\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7db09011ce62162d72897fc4856b4425245dfe35\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b9ad50d7505ebd48282ec3630258dc820fc85c81\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c9677a9274ffb44987ec209dc8ec9f2d34946956\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…