Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A memory out-of-bounds vulnerability has been identified in the Linux kernel's Pinctrl Freescale driver. This issue arises when the number of configurations is one, leading to an attempt to access an invalid memory location. The vulnerability has been addressed by modifying the configuration retrieval process to ensure that out-of-bounds access does not occur.
Exploitation of this vulnerability could lead to undefined behavior, including potential memory corruption.
The vulnerability can be reproduced by configuring the Pinctrl Freescale driver so that num_configs is set to 1. With this configuration active, the driver still fetches the second configuration, which is out of bounds. The Kernel Address Sanitizer (KASAN) reports this access as a memory out-of-bounds error.
Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.
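The bug class described above, shown as an added user-space example rather than the kernel driver's code or the upstream patch. The struct, the function names, the sample values and the default of 0 for a missing second entry are assumptions made for illustration.

```c
#include <stdlib.h>

/* Hypothetical model of a pin request; not the driver's own structure. */
struct pin_req { unsigned long mux, conf; int has_conf; };

/* Vulnerable pattern: assumes the caller always passes two entries. */
void parse_unchecked(const unsigned long *configs, size_t num_configs,
                     struct pin_req *out)
{
    (void)num_configs;            /* the length is never consulted */
    out->mux = configs[0];
    out->conf = configs[1];       /* out-of-bounds read when num_configs == 1 */
    out->has_conf = 1;
}

/* Bounded pattern: configs[1] is read only when it exists. */
int parse_checked(const unsigned long *configs, size_t num_configs,
                  struct pin_req *out)
{
    if (!configs || num_configs == 0)
        return -1;
    out->mux = configs[0];
    out->has_conf = num_configs > 1;
    out->conf = out->has_conf ? configs[1] : 0;   /* 0 is an assumed default */
    return 0;
}

/* Parses an exactly-sized heap array of n constructed values, so a build with
 * -fsanitize=address would flag any read past its end. Returns has_conf or -1. */
int demo(size_t n, unsigned long *mux, unsigned long *conf)
{
    unsigned long *configs = malloc(n * sizeof(*configs));
    struct pin_req req = {0, 0, 0};
    for (size_t i = 0; configs && i < n; i++)
        configs[i] = 0x10 + i;    /* constructed sample values */
    int rc = parse_checked(configs, n, &req);
    free(configs);
    *mux = req.mux;
    *conf = req.conf;
    return rc ? -1 : req.has_conf;
}

int main(void)
{
    unsigned long mux = 0, conf = 0;
    return demo(1, &mux, &conf) == 0 ? 0 : 1;
}
```

Swapping `parse_checked` for `parse_unchecked` inside `demo` and building with `-fsanitize=address` gives a user-space analogue of the KASAN report for the `num_configs == 1` case.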