CVE-2025-40030
Published: Oct 28, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux_ops - pinmux_generic_get_function_name() - can fail and return NULL. This is already checked in pinmux_check_ops() so add a similar check in pinmux_func_name_to_selector() instead of passing the returned pointer right down to strcmp() where the NULL can get dereferenced. This is normal operation when adding new pinfunctions.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected f913cfce4ee49a3382a9ff95696f49a46e56e974 - < 1a7fc8fed2bb2e113604fde7a45432ace2056b97affected f913cfce4ee49a3382a9ff95696f49a46e56e974 - < e7265dc4c670b89611bcf5fe33acf99bc0aa294faffected f913cfce4ee49a3382a9ff95696f49a46e56e974 - < d77ef2f621cd1d605372c4c6ce667c496f6990c3affected f913cfce4ee49a3382a9ff95696f49a46e56e974 - < ba7f7c2b2b3261e7def67018c38c69b626e0e66eaffected f913cfce4ee49a3382a9ff95696f49a46e56e974 - < 1a2ea887a5cd7d47bab599f733d89444df018b1a+3 more versions |
Linux | Linux | affected 4.19unaffected 0 - < 4.19unaffected 5.4.301 - <= 5.4.*unaffected 5.10.246 - <= 5.10.*unaffected 5.15.195 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now