CVE-2025-38655

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A NULL pointer dereference issue was resolved in the pinctrl subsystem for Canaan K230 devices. The vulnerability occurs when retrieving the "pinmux" property from the device tree node, specifically if the property is missing. A missing check for the return value of of get property() could lead to a crash. Additionally, a typo in the device ID match table comment was corrected from "sintenel" to "sentinel".

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.