CVE-2026-53344

medium Red Hat
Published: July 1, 2026 (8 days ago)
Last Modified: July 1, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's `pinctrl: mcp23s08` driver. During the initialization of the `regmap` (register map) for the `mcp23s08` component, an attempt to perform an SPI (Serial Peripheral Interface) read occurs before critical device parameters (`mcp->dev` and `mcp->addr`) are properly set. This premature access leads to a NULL pointer dereference, which can cause a system crash and result in a Denial of Service (DoS).

CWE

CWE-476

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References