{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T19:00:17.497","vulnerabilities":[{"cve":{"id":"CVE-2025-38266","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-07-10T08:15:24.727","lastModified":"2025-11-18T18:29:23.313","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms\n\nCommit 3ef9f710efcb (\"pinctrl: mediatek: Add EINT support for multiple\naddresses\") introduced an access to the 'soc' field of struct\nmtk_pinctrl in mtk_eint_do_init() and for that an include of\npinctrl-mtk-common-v2.h.\n\nHowever, pinctrl drivers relying on the v1 common driver include\npinctrl-mtk-common.h instead, which provides another definition of\nstruct mtk_pinctrl that does not contain an 'soc' field.\n\nSince mtk_eint_do_init() can be called both by v1 and v2 drivers, it\nwill now try to dereference an invalid pointer when called on v1\nplatforms. This has been observed on Genio 350 EVK (MT8365), which\ncrashes very early in boot (the kernel trace can only be seen with\nearlycon).\n\nIn order to fix this, since 'struct mtk_pinctrl' was only needed to get\na 'struct mtk_eint_pin', make 'struct mtk_eint_pin' a parameter\nof mtk_eint_do_init() so that callers need to supply it, removing\nmtk_eint_do_init()'s dependency on any particular 'struct mtk_pinctrl'."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pinctrl: mediatek: eint: Corrección de la desreferencia de puntero no válida para plataformas v1. El commit 3ef9f710efcb (\"pinctrl: mediatek: Añadir compatibilidad con EINT para múltiples direcciones\") introdujo un acceso al campo 'soc' de struct mtk_pinctrl en mtk_eint_do_init() y, para ello, la inclusión de pinctrl-mtk-common-v2.h. Sin embargo, los controladores pinctrl que dependen del controlador común v1 incluyen pinctrl-mtk-common.h, que proporciona otra definición de struct mtk_pinctrl que no contiene el campo 'soc'. Dado que mtk_eint_do_init() puede ser invocado tanto por controladores v1 como v2, ahora intentará desreferenciar un puntero no válido al invocarlo en plataformas v1. Esto se ha observado en Genio 350 EVK (MT8365), que se bloquea al inicio (la traza del kernel solo se puede ver con earlycon). Para solucionarlo, dado que 'struct mtk_pinctrl' solo era necesario para obtener un 'struct mtk_eint_pin', se debe convertir 'struct mtk_eint_pin' en un parámetro de mtk_eint_do_init() para que quienes lo invoquen deban proporcionarlo, eliminando así la dependencia de mtk_eint_do_init() de cualquier 'struct mtk_pinctrl' en particular."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.15","versionEndExcluding":"6.15.2","matchCriteriaId":"5C28A2D1-4E5D-4F87-AEFA-9268B4CB0980"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1c9977b263475373b31bbf86af94a5c9ae2be42c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9ebe21ede792cef851847648962c363cac67d17f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}