Volerion logoVolerion
Volerion logoVolerion

Linux Kernel GPIO Sleep Vulnerability in NFC NXP-NCI Driver

Vulnerability

A vulnerability in the Linux kernel's NFC NXP-NCI driver allows GPIOs to sleep, addressing a warning and enabling the driver to manage GPIOs connected to I2C expanders. This issue was resolved by modifying how GPIO values are set, allowing for sleep states where necessary.

Impact

The vulnerability could lead to improper GPIO management, potentially causing issues with devices that rely on I2C GPIO expanders.

Reproduction

The vulnerability can be reproduced by using the NFC NXP-NCI driver with GPIOs connected to I2C GPIO expanders. The driver will issue a warning about the GPIO handling, indicating that the GPIOs are not being managed correctly. After applying the patch, the driver will be able to operate the GPIOs properly, without any warnings.

Remediation

Users can apply the patch available in the Linux kernel stable tree to address this vulnerability.

Added: Apr 24, 2026, 8:24 PM
Updated: Apr 24, 2026, 8:24 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
3.9
remediation
7.7
relevance
6.6
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.