CVE-2026-53237

Source
https://cve.org/CVERecord?id=CVE-2026-53237
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53237.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53237
Downstream
Related
Published
2026-06-25T08:39:33.833Z
Modified
2026-07-10T03:54:42.959404293Z
Summary
gpio: mvebu: fix NULL pointer dereference in suspend/resume
Details

In the Linux kernel, the following vulnerability has been resolved:

gpio: mvebu: fix NULL pointer dereference in suspend/resume

mvebupwmsuspend() and mvebupwmresume() are called for all GPIO banks during suspend/resume, but not all banks have PWM functionality. GPIO banks without PWM have mvchip->mvpwm set to NULL.

Calling mvebupwmsuspend() with mvpwm == NULL causes a NULL pointer dereference when it tries to access mvpwm->blink_select.

Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write [00000020] *pgd=00000000 Internal error: Oops: 815 [#1] PREEMPT ARM Modules linked in: CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353 Hardware name: Marvell Armada 370/XP (Device Tree) PC is at regmapmmioread+0x38/0x54 LR is at regmapmmioread+0x38/0x54 pc : [<c05fd2ac>] lr : [<c05fd2ac>] psr: 200f0013 sp : f0c11d10 ip : 00000000 fp : c100d2f0 r10: c14fb854 r9 : 00000000 r8 : 00000000 r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0 r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000 Flags: nzCv IRQs on FIQs on Mode SVC32 ISA ARM Segment none Control: 10c5387d Table: 135ec059 DAC: 00000051 Call trace: regmapmmioread from regmapbusregread+0x78/0xac regmapbusregread from regmapread+0x60/0x154 regmapread from regmapread+0x3c/0x60 regmapread from mvebugpiosuspend+0xa4/0x14c mvebugpiosuspend from dpmruncallback+0x54/0x180 dpmruncallback from devicesuspend+0x124/0x630 devicesuspend from dpmsuspend+0x124/0x270 dpmsuspend from dpmsuspendstart+0x64/0x6c dpmsuspendstart from suspenddevicesandenter+0x140/0x8e8 suspenddevicesandenter from pmsuspend+0x2fc/0x308 pmsuspend from statestore+0x6c/0xc8 statestore from kernfsfopwriteiter+0x10c/0x1f8 kernfsfopwriteiter from vfswrite+0x270/0x468 vfswrite from ksyswrite+0x70/0xf0 ksyswrite from retfast_syscall+0x0/0x54

Add a NULL check for mvchip->mvpwm before calling the PWM suspend/resume functions.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53237.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
757642f9a584e893f3f4e50c99b674ee8a3ed363
Fixed
7db09011ce62162d72897fc4856b4425245dfe35
Fixed
4ef24338eda3c7e96d6f94a988266ff16ed3985d
Fixed
6136c1474db88272231573e222896e1998d34662
Fixed
c9677a9274ffb44987ec209dc8ec9f2d34946956
Fixed
b9ad50d7505ebd48282ec3630258dc820fc85c81

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53237.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.12.0
Fixed
6.6.143
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.94
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.36
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.13

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53237.json"