CVE-2026-53340

ANALYSIS PENDING

i2c: imx: fix clock and pinctrl state inconsistency in runtime PM

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2c_imx_runtime_suspend(), the clock is disabled before switching the pinctrl state to sleep. If pinctrl_pm_select_sleep_state() fails, the runtime suspend is aborted but the clock remains disabled, causing a system crash when the hardware is subsequently accessed. Fix this by switching the pinctrl state before disabling the clock so that a pinctrl failure leaves the clock enabled and the hardware accessible. In i2c_imx_runtime_resume(), restore the pinctrl state back to sleep if clk_enable() fails to keep the consistent.

Scores

EPSS 0.0015
EPSS Percentile 5.0%

Details

Status published
Products (10)
linux/Kernel 6.14.0 - 6.18.36linux
linux/Kernel 6.19.0 - 7.0.13linux
Linux/Linux < 6.14
Linux/Linux 576eba03c99435380d155e5f71d5d7603b9178f6 - 8783fb8031799f1230997c16df8c8dce9fcd1841
Linux/Linux 576eba03c99435380d155e5f71d5d7603b9178f6 - 9fa82cf393bafc7bd7ca15c1d5cbd5b57ab9de1d
Linux/Linux 576eba03c99435380d155e5f71d5d7603b9178f6 - c8f5269c1bf505847bc7dbb92054594790114de6
Linux/Linux 6.14
Linux/Linux 6.18.36 - 6.18.*
Linux/Linux 7.0.13 - 7.0.*
Linux/Linux 7.1
Published Jul 01, 2026
Tracked Since Jul 01, 2026