GHSA-6V4W-QF8X-8HJM
Vulnerability from github – Published: 2026-06-25 09:31 – Updated: 2026-06-25 09:31In the Linux kernel, the following vulnerability has been resolved:
gpio: mvebu: fix NULL pointer dereference in suspend/resume
mvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO banks during suspend/resume, but not all banks have PWM functionality. GPIO banks without PWM have mvchip->mvpwm set to NULL.
Calling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer dereference when it tries to access mvpwm->blink_select.
Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write [00000020] *pgd=00000000 Internal error: Oops: 815 [#1] PREEMPT ARM Modules linked in: CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353 Hardware name: Marvell Armada 370/XP (Device Tree) PC is at regmap_mmio_read+0x38/0x54 LR is at regmap_mmio_read+0x38/0x54 pc : [] lr : [] psr: 200f0013 sp : f0c11d10 ip : 00000000 fp : c100d2f0 r10: c14fb854 r9 : 00000000 r8 : 00000000 r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0 r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000 Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 10c5387d Table: 135ec059 DAC: 00000051 Call trace: regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac _regmap_bus_reg_read from _regmap_read+0x60/0x154 _regmap_read from regmap_read+0x3c/0x60 regmap_read from mvebu_gpio_suspend+0xa4/0x14c mvebu_gpio_suspend from dpm_run_callback+0x54/0x180 dpm_run_callback from device_suspend+0x124/0x630 device_suspend from dpm_suspend+0x124/0x270 dpm_suspend from dpm_suspend_start+0x64/0x6c dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8 suspend_devices_and_enter from pm_suspend+0x2fc/0x308 pm_suspend from state_store+0x6c/0xc8 state_store from kernfs_fop_write_iter+0x10c/0x1f8 kernfs_fop_write_iter from vfs_write+0x270/0x468 vfs_write from ksys_write+0x70/0xf0 ksys_write from ret_fast_syscall+0x0/0x54
Add a NULL check for mvchip->mvpwm before calling the PWM suspend/resume functions.
{
"affected": [],
"aliases": [
"CVE-2026-53237"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-25T09:16:41Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mvebu: fix NULL pointer dereference in suspend/resume\n\nmvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO\nbanks during suspend/resume, but not all banks have PWM functionality.\nGPIO banks without PWM have mvchip-\u003emvpwm set to NULL.\n\nCalling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer\ndereference when it tries to access mvpwm-\u003eblink_select.\n\n Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write\n [00000020] *pgd=00000000\n Internal error: Oops: 815 [#1] PREEMPT ARM\n Modules linked in:\n CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353\n Hardware name: Marvell Armada 370/XP (Device Tree)\n PC is at regmap_mmio_read+0x38/0x54\n LR is at regmap_mmio_read+0x38/0x54\n pc : [\u003cc05fd2ac\u003e] lr : [\u003cc05fd2ac\u003e] psr: 200f0013\n sp : f0c11d10 ip : 00000000 fp : c100d2f0\n r10: c14fb854 r9 : 00000000 r8 : 00000000\n r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0\n r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000\n Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\n Control: 10c5387d Table: 135ec059 DAC: 00000051\n Call trace:\n regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac\n _regmap_bus_reg_read from _regmap_read+0x60/0x154\n _regmap_read from regmap_read+0x3c/0x60\n regmap_read from mvebu_gpio_suspend+0xa4/0x14c\n mvebu_gpio_suspend from dpm_run_callback+0x54/0x180\n dpm_run_callback from device_suspend+0x124/0x630\n device_suspend from dpm_suspend+0x124/0x270\n dpm_suspend from dpm_suspend_start+0x64/0x6c\n dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8\n suspend_devices_and_enter from pm_suspend+0x2fc/0x308\n pm_suspend from state_store+0x6c/0xc8\n state_store from kernfs_fop_write_iter+0x10c/0x1f8\n kernfs_fop_write_iter from vfs_write+0x270/0x468\n vfs_write from ksys_write+0x70/0xf0\n ksys_write from ret_fast_syscall+0x0/0x54\n\nAdd a NULL check for mvchip-\u003emvpwm before calling the PWM\nsuspend/resume functions.",
"id": "GHSA-6v4w-qf8x-8hjm",
"modified": "2026-06-25T09:31:22Z",
"published": "2026-06-25T09:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53237"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4ef24338eda3c7e96d6f94a988266ff16ed3985d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6136c1474db88272231573e222896e1998d34662"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7db09011ce62162d72897fc4856b4425245dfe35"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b9ad50d7505ebd48282ec3630258dc820fc85c81"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c9677a9274ffb44987ec209dc8ec9f2d34946956"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.