{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-46269","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-13T15:03:33.109Z","datePublished":"2026-06-03T15:50:11.254Z","dateUpdated":"2026-06-03T15:50:11.254Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-06-03T15:50:11.254Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree\n\nWhen probing the k230 pinctrl driver, the kernel triggers a NULL pointer\ndereference. The crash trace showed:\n[    0.732084] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000068\n[    0.740737] ...\n[    0.776296] epc : k230_pinctrl_probe+0x1be/0x4fc\n\nIn k230_pinctrl_parse_functions(), we attempt to retrieve the device\npointer via info->pctl_dev->dev, but info->pctl_dev is only initialized\nafter k230_pinctrl_parse_dt() completes.\n\nAt the time of DT parsing, info->pctl_dev is still NULL, leading to\nthe invalid dereference of info->pctl_dev->dev.\n\nUse the already available device pointer from platform_device\ninstead of accessing through uninitialized pctl_dev."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/pinctrl/pinctrl-k230.c"],"versions":[{"version":"d94a32ac688f953dc9a9f12b5b4139ecad841bbb","lessThan":"3c7d637bfc3dfbd6471c68bd767f7eb8b5b09eba","status":"affected","versionType":"git"},{"version":"d94a32ac688f953dc9a9f12b5b4139ecad841bbb","lessThan":"1d0d361f4dbc2bb2003594f84e4b101fc6b508c0","status":"affected","versionType":"git"},{"version":"d94a32ac688f953dc9a9f12b5b4139ecad841bbb","lessThan":"d8c128fb6c2277d95f3f6a4ce28b82c8370031f6","status":"affected","versionType":"git"},{"version":"02c1deb1bff2b6d242e29a51e56107495979a2b8","status":"affected","versionType":"git"},{"version":"0ec03251d01494ef207089b5bd626becfd05fd86","status":"affected","versionType":"git"},{"version":"6.15.10","lessThan":"6.16","status":"affected","versionType":"semver"},{"version":"6.16.1","lessThan":"6.17","status":"affected","versionType":"semver"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/pinctrl/pinctrl-k230.c"],"versions":[{"version":"6.17","status":"affected"},{"version":"0","lessThan":"6.17","status":"unaffected","versionType":"semver"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","status":"unaffected","versionType":"semver"},{"version":"7.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.18.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.19.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"7.0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.15.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3c7d637bfc3dfbd6471c68bd767f7eb8b5b09eba"},{"url":"https://git.kernel.org/stable/c/1d0d361f4dbc2bb2003594f84e4b101fc6b508c0"},{"url":"https://git.kernel.org/stable/c/d8c128fb6c2277d95f3f6a4ce28b82c8370031f6"}],"title":"pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree","x_generator":{"engine":"bippy-1.2.0"}}}}