CVE-2026-53344
ANALYSIS PENDINGpinctrl: mcp23s08: Initialize mcp->dev and mcp->addr before regmap init
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Initialize mcp->dev and mcp->addr before regmap init Regmap initialization triggers regcache_maple_populate() which attempts SPI read to populate cache. SPI read requires mcp->dev and mcp->addr to be set, without them, NULL pointer dereference occurs during probe. Move initialization before mcp23s08_spi_regmap_init() call.
References (2)
Core 2
Scores
EPSS
0.0014
EPSS Percentile
4.1%
Details
Status
published
Products (7)
linux/Kernel
6.19.0 - 7.0.13linux
Linux/Linux
< 6.19
Linux/Linux
6.19
Linux/Linux
7.0.13 - 7.0.*
Linux/Linux
7.1
Linux/Linux
f9f4fda15e720686f1b2b436591ab11255e4e85e - 3a13bb9540dfd7014c5601608afcbbadbbcfd673
Linux/Linux
f9f4fda15e720686f1b2b436591ab11255e4e85e - 8473c3a197b57ff01396f7a2ec6ddf65383820d4
Published
Jul 01, 2026
Tracked Since
Jul 01, 2026