Linux Kernel Pin Control Function Name Handling Vulnerability

Vulnerability

A vulnerability exists in the Linux kernel's pin control subsystem, specifically within the function name handling of the pin multiplexing operations. The issue arises because the generic implementation of the 'get_function_name()' callback can fail and return a null value. This potential failure was not properly checked in the 'pinmux_func_name_to_selector()' function, leading to a null pointer dereference risk. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability could lead to a null pointer dereference, causing a crash or undefined behavior in the kernel.

Reproduction

The vulnerability can be reproduced by invoking the 'pinmux_func_name_to_selector()' function with a pin multiplexing operation that returns a null function name. This can occur when the 'get_function_name()' callback fails, which is not explicitly documented in the API contract but is a known possibility.

Remediation

The vulnerability has been addressed by adding a check for null values returned by the 'get_function_name()' callback before comparing the function names. Users should upgrade to the latest version of the Linux kernel stable tree where this fix has been applied.
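
The check described above, shown in a simplified userspace model (an added example, not the kernel's code or the actual patch). The struct, the function names and the sample table are hypothetical; the table has one entry whose name lookup returns NULL.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified userspace model. All names here are hypothetical, not kernel definitions. */
struct mux_ops {
    unsigned int (*get_functions_count)(void);
    const char *(*get_function_name)(unsigned int selector);
};

/* Constructed sample table: slot 1 models a failed name lookup. */
static const char *const demo_names[] = { "uart0", NULL, "i2c1" };

static unsigned int demo_count(void) { return 3; }

static const char *demo_name(unsigned int selector)
{
    return selector < 3 ? demo_names[selector] : NULL;
}

static const struct mux_ops demo_ops = { demo_count, demo_name };

/* Returns the selector whose name matches, or -EINVAL if none does. */
int func_name_to_selector(const struct mux_ops *ops, const char *wanted)
{
    unsigned int count, selector;

    if (!ops || !ops->get_functions_count || !ops->get_function_name || !wanted)
        return -EINVAL;

    count = ops->get_functions_count();
    for (selector = 0; selector < count; selector++) {
        const char *fname = ops->get_function_name(selector);

        /* An unchecked strcmp(fname, wanted) would dereference NULL at slot 1. */
        if (fname && strcmp(fname, wanted) == 0)
            return (int)selector;
    }
    return -EINVAL;
}

int main(void)
{
    printf("i2c1 -> %d\n", func_name_to_selector(&demo_ops, "i2c1"));
    printf("spi0 -> %d\n", func_name_to_selector(&demo_ops, "spi0"));
    return 0;
}
```

The lookup still reaches entries that come after the failed one, so a single NULL name does not hide valid functions later in the table.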

Added: Oct 28, 2025, 1:36 PM
Updated: Oct 28, 2025, 1:36 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.