CVE Catalog

CVE-2026-53338

Unknown
Published: Translated: NVD NIST

Summary

In the Linux kernel, a vulnerability was found in the airoha network driver where airoha_qdma_init_hfwd_queues() calls of_reserved_mem_lookup() without checking for NULL return. This can lead to a NULL pointer dereference and system crash.

Risk Assessment

The risk involves a potential kernel NULL pointer dereference due to misconfigured device tree (DTS) or a removed memory-region node, which could cause system instability or denial of service.

Recommendation

Apply the Linux kernel patch that adds a NULL check after of_reserved_mem_lookup() and returns -ENODEV on failure. Update to a kernel version containing this fix.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Add NULL check for of_reserved_mem_lookup() in airoha_qdma_init_hfwd_queues() of_reserved_mem_lookup() may return NULL if the reserved memory region referenced by the "memory-region" phandle is not found in the reserved memory table (e.g. due to a misconfigured DTS or a removed memory-region node). The current code dereferences the returned pointer without checking for NULL, leading to a kernel NULL pointer dereference at the following lines: dma_addr = rmem->base; // line 1156 num_desc = div_u64(rmem->size, buf_size); // line 1160 Add a NULL check after of_reserved_mem_lookup() and return -ENODEV if the lookup fails, which is consistent with the existing error handling for of_parse_phandle() failure in the same code block.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS