NULL Pointer Dereference in Qualcomm CCI Controller for Linux Kernel
CVE-2026-53339
Currently unrated
What is CVE-2026-53339?
A vulnerability exists within the Linux kernel affecting the Qualcomm CCI controller, which manages I2C masters on modern platforms. If only one I2C master is initialized on certain boards, attempts to unbind the device or remove the driver can result in a NULL pointer dereference. Specifically, when calling cci_halt() for both masters, only one has an initialized completion, leading to potential system instability and crashes if the driver is unloaded improperly.
Affected Version(s)
Linux e517526195de400158e05a08764d1fb61d579105
Linux e517526195de400158e05a08764d1fb61d579105 < 4d2b4a9cda6837e5ee1de1290f2e773a713b71e9
Linux e517526195de400158e05a08764d1fb61d579105