Severity: NONE

CVE-2026-53237

Published: June 25, 2026 · Updated: Jun 30, 2026

EPSS: 0.18% probability of exploitation in 30 days · Percentile: 7.2th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

gpio: mvebu: fix NULL pointer dereference in suspend/resume

mvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO banks during suspend/resume, but not all banks have PWM functionality. GPIO banks without PWM have mvchip->mvpwm set to NULL. Calling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer dereference when it tries to access mvpwm->blink_select.

Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write
[00000020] *pgd=00000000
Internal error: Oops: 815 [#1] PREEMPT ARM
Modules linked in:
CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353
Hardware name: Marvell Armada 370/XP (Device Tree)
PC is at regmap_mmio_read+0x38/0x54
LR is at regmap_mmio_read+0x38/0x54
pc : [<c05fd2ac>] lr : [<c05fd2ac>] psr: 200f0013
sp : f0c11d10 ip : 00000000 fp : c100d2f0
r10: c14fb854 r9 : 00000000 r8 : 00000000
r7 : c1799c00 r6 : 00000020 r5 : 00000020 r4 : c179c7c0
r3 : f0a231a0 r2 : 00000020 r1 : 00000020 r0 : 00000000
Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
Control: 10c5387d Table: 135ec059 DAC: 00000051
Call trace:
 regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac
 _regmap_bus_reg_read from _regmap_read+0x60/0x154
 _regmap_read from regmap_read+0x3c/0x60
 regmap_read from mvebu_gpio_suspend+0xa4/0x14c
 mvebu_gpio_suspend from dpm_run_callback+0x54/0x180
 dpm_run_callback from device_suspend+0x124/0x630
 device_suspend from dpm_suspend+0x124/0x270
 dpm_suspend from dpm_suspend_start+0x64/0x6c
 dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8
 suspend_devices_and_enter from pm_suspend+0x2fc/0x308
 pm_suspend from state_store+0x6c/0xc8
 state_store from kernfs_fop_write_iter+0x10c/0x1f8
 kernfs_fop_write_iter from vfs_write+0x270/0x468
 vfs_write from ksys_write+0x70/0xf0
 ksys_write from ret_fast_syscall+0x0/0x54

Add a NULL check for mvchip->mvpwm before calling the PWM suspend/resume functions.

NVD Source
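
The missing check described above, as an added example that is not the kernel's code: a userspace C model of a GPIO bank whose mvpwm is NULL, with the unchecked save beside a checked suspend/resume pair. The struct layouts, the blink_reg field and all function names are assumptions; the filler array is constructed so that blink_select sits at offset 0x20, matching the fault address in the trace.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model. Layouts and helper names are constructed for illustration. */
struct mvebu_pwm {
    uint32_t other_state[8];   /* constructed filler: puts blink_select at 0x20 */
    uint32_t blink_select;     /* value saved across suspend */
};

struct mvebu_gpio_chip {
    uint32_t blink_reg;        /* stands in for the bank's hardware register */
    struct mvebu_pwm *mvpwm;   /* NULL on banks without PWM */
};

/* Pre-fix shape: stores through mvpwm unconditionally. Never called here. */
void pwm_suspend_unchecked(struct mvebu_gpio_chip *chip) {
    chip->mvpwm->blink_select = chip->blink_reg;
}

/* Address that store targets when mvpwm == NULL: NULL plus the field offset. */
size_t null_store_address(void) {
    return offsetof(struct mvebu_pwm, blink_select);
}

/* Post-fix shape: returns 1 if PWM state was saved, 0 if the bank has none. */
int gpio_suspend_checked(struct mvebu_gpio_chip *chip) {
    if (!chip->mvpwm)
        return 0;
    chip->mvpwm->blink_select = chip->blink_reg;
    return 1;
}

/* Resume mirrors suspend: restore only where PWM state exists. */
int gpio_resume_checked(struct mvebu_gpio_chip *chip) {
    if (!chip->mvpwm)
        return 0;
    chip->blink_reg = chip->mvpwm->blink_select;
    return 1;
}

int main(void) {
    struct mvebu_pwm pwm = {0};
    struct mvebu_gpio_chip banks[2] = { { 0x5, &pwm }, { 0x0, NULL } };
    for (int i = 0; i < 2; i++)
        printf("bank %d: saved=%d\n", i, gpio_suspend_checked(&banks[i]));
    printf("unchecked store on bank 1 would hit 0x%zx\n", null_store_address());
}
```

The fault address is the field offset rather than 0 because the store goes to a member of the NULL struct pointer, which is why such oopses report small non-zero addresses.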

Technical Analysis

CVE-2026-53237 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOIT: No public exploit confirmed at this time

Quick Facts

CVE ID: CVE-2026-53237
Severity: NONE
CISA KEV: No
EPSS (30d): 0.18%
Published: Jun 25, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-53237 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.