{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-53339","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-06-09T07:44:35.399Z","datePublished":"2026-07-01T13:32:21.709Z","dateUpdated":"2026-07-01T13:32:21.709Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-07-01T13:32:21.709Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qcom-cci: Fix NULL pointer dereference in cci_remove()\n\nOn all modern platforms Qualcomm CCI controller provides two I2C masters,\nand on particular boards only one I2C master may be initialized, and in\nsuch cases the device unbinding or driver removal causes a NULL pointer\ndereference, because cci_halt() is called for all two I2C masters, but\na completion is initialized only for the single enabled master:\n\n    % rmmod i2c-qcom-cci\n    Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n    <snip>\n    Call trace:\n    __wait_for_common+0x194/0x1a8 (P)\n    wait_for_completion_timeout+0x20/0x2c\n    cci_remove+0xc4/0x138 [i2c_qcom_cci]\n    platform_remove+0x20/0x30\n    device_remove+0x4c/0x80\n    device_release_driver_internal+0x1c8/0x224\n    driver_detach+0x50/0x98\n    bus_remove_driver+0x6c/0xbc\n    driver_unregister+0x30/0x60\n    platform_driver_unregister+0x14/0x20\n    qcom_cci_driver_exit+0x18/0x1008 [i2c_qcom_cci]\n    ...."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/i2c/busses/i2c-qcom-cci.c"],"versions":[{"version":"e517526195de400158e05a08764d1fb61d579105","lessThan":"e8669d12da0ade52adfe0abe96cd99e708abc9bd","status":"affected","versionType":"git"},{"version":"e517526195de400158e05a08764d1fb61d579105","lessThan":"4d2b4a9cda6837e5ee1de1290f2e773a713b71e9","status":"affected","versionType":"git"},{"version":"e517526195de400158e05a08764d1fb61d579105","lessThan":"a50b8adb9cdb9a495b0b45583956897b7411ed7a","status":"affected","versionType":"git"},{"version":"e517526195de400158e05a08764d1fb61d579105","lessThan":"7107627b8b35015027201e7a095a3f6e30b4a46f","status":"affected","versionType":"git"},{"version":"e517526195de400158e05a08764d1fb61d579105","lessThan":"4cd206c1d57a9370d5219f7b1fc45169d7bdf951","status":"affected","versionType":"git"},{"version":"e517526195de400158e05a08764d1fb61d579105","lessThan":"a162a260c8c4db7501c65220e76913e8e351f823","status":"affected","versionType":"git"},{"version":"e517526195de400158e05a08764d1fb61d579105","lessThan":"8ce7ff721a5e9d06d53ef65d01c89fce6d26d6ff","status":"affected","versionType":"git"},{"version":"e517526195de400158e05a08764d1fb61d579105","lessThan":"729ac5a4b966aac42e08a94dea966f4429008548","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/i2c/busses/i2c-qcom-cci.c"],"versions":[{"version":"5.8","status":"affected"},{"version":"0","lessThan":"5.8","status":"unaffected","versionType":"semver"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","status":"unaffected","versionType":"semver"},{"version":"7.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"5.10.259"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"5.15.210"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"6.1.176"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"6.6.143"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"6.12.94"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"6.18.36"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"7.0.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"7.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/e8669d12da0ade52adfe0abe96cd99e708abc9bd"},{"url":"https://git.kernel.org/stable/c/4d2b4a9cda6837e5ee1de1290f2e773a713b71e9"},{"url":"https://git.kernel.org/stable/c/a50b8adb9cdb9a495b0b45583956897b7411ed7a"},{"url":"https://git.kernel.org/stable/c/7107627b8b35015027201e7a095a3f6e30b4a46f"},{"url":"https://git.kernel.org/stable/c/4cd206c1d57a9370d5219f7b1fc45169d7bdf951"},{"url":"https://git.kernel.org/stable/c/a162a260c8c4db7501c65220e76913e8e351f823"},{"url":"https://git.kernel.org/stable/c/8ce7ff721a5e9d06d53ef65d01c89fce6d26d6ff"},{"url":"https://git.kernel.org/stable/c/729ac5a4b966aac42e08a94dea966f4429008548"}],"title":"i2c: qcom-cci: Fix NULL pointer dereference in cci_remove()","x_generator":{"engine":"bippy-1.2.0"}}}}