Linux Kernel Vulnerability in Airoha Component Affecting Memory Handling
CVE-2026-53338
What is CVE-2026-53338?
A vulnerability exists in the Linux kernel's handling of reserved memory regions within the Airoha component. The function 'of_reserved_mem_lookup()' may return a NULL pointer if the specified memory region is not found. The current implementation does not include adequate checks for this NULL value, which could lead to a kernel NULL pointer dereference and potential system instability. Following best practices, a NULL check should be integrated after this lookup to ensure robust error handling, returning an appropriate error code when memory regions are misconfigured or removed.
Affected Version(s)
Linux 3a1ce9e3d01bbf3912c3e3f81cb554d558eb715b < 01f7d4b504580664d36faea5671cde5e3f0d8a5b
Linux 3a1ce9e3d01bbf3912c3e3f81cb554d558eb715b
Linux 3a1ce9e3d01bbf3912c3e3f81cb554d558eb715b