Description
In the Linux kernel, the following vulnerability has been resolved: regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods drvdata::gpiods is supposed to hold an array of 'gpio_desc' pointers. But the memory is allocated for only one pointer. This will lead to out-of-bounds access later in the code if 'config::ngpios' is > 1. So fix the code to allocate enough memory to hold 'config::ngpios' of GPIO descriptors. While at it, also move the check for memory allocation failure to be below the allocation to make it more readable.
References (10)
Core 10
Core References
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Scores
CVSS v3
7.1
EPSS
0.0003
EPSS Percentile
7.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (10)
debian/debian_linux
11.0
linux/Kernel
5.1.0 - 5.4.296linux
linux/Kernel
5.11.0 - 5.15.187linux
linux/Kernel
5.16.0 - 6.1.144linux
linux/Kernel
5.5.0 - 5.10.240linux
linux/Kernel
6.13.0 - 6.15.6linux
linux/Kernel
6.2.0 - 6.6.97linux
linux/Kernel
6.7.0 - 6.12.37linux
linux/linux_kernel
6.16 rc1 (4 CPE variants)
linux/linux_kernel
5.1 - 5.4.296
Published
Jul 25, 2025
Tracked Since
Feb 18, 2026