CVE-2025-38286
📋 TL;DR
A Linux kernel vulnerability in the AT91 pinctrl driver allows out-of-bounds memory access when accessing GPIO chips. This could lead to kernel crashes or potential privilege escalation. Systems using AT91-based hardware with affected kernel versions are vulnerable.
💻 Affected Systems
- Linux kernel with AT91 pinctrl driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential privilege escalation to root if memory corruption enables arbitrary code execution.
Likely Case
System instability, kernel crashes, or denial of service on affected AT91-based systems.
If Mitigated
Minimal impact if systems are patched or don't use AT91 GPIO functionality.
🎯 Exploit Status
Requires local access and specific hardware interaction; not trivial to exploit remotely.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check stable kernel trees for specific patched versions (e.g., 5.10.x, 5.15.x, 6.1.x with fixes)
Vendor Advisory: https://git.kernel.org/stable/c/264a5cf0c422e65c94447a1ebebfac7c92690670
Restart Required: Yes
Instructions:
1. Update to a patched kernel version from your distribution. 2. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable AT91 GPIO if unused
linuxRemove or blacklist the at91-gpio module if not needed.
echo 'blacklist at91-gpio' >> /etc/modprobe.d/blacklist.conf
rmmod at91-gpio
🧯 If You Can't Patch
- Restrict physical and local access to affected systems.
- Monitor system logs for kernel panics or unusual GPIO-related errors.
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if AT91 GPIO is loaded: 'uname -r' and 'lsmod | grep at91'.Check Version:
uname -rVerify Fix Applied:
Verify kernel version is patched and system is stable after update.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- GPIO or pinctrl-related errors in dmesg
Network Indicators:
- None - local vulnerability
SIEM Query:
Search for 'kernel panic' or 'at91' in system logs.🔗 References
- https://git.kernel.org/stable/c/264a5cf0c422e65c94447a1ebebfac7c92690670
- https://git.kernel.org/stable/c/288c39286f759314ee8fb3a80a858179b4f306da
- https://git.kernel.org/stable/c/2ecafe59668d2506a68459a9d169ebe41a147a41
- https://git.kernel.org/stable/c/762ef7d1e6eefad9896560bfcb9bcf7f1b6df9c1
- https://git.kernel.org/stable/c/db5665cbfd766db7d8cd0e5fd6e3c0b412916774
- https://git.kernel.org/stable/c/e02e12d6a7ab76c83849a4122785650dc7edef65
- https://git.kernel.org/stable/c/eb435bc4c74acbb286cec773deac13d117d3ef39
- https://git.kernel.org/stable/c/f1c1fdc41fbf7e308ced9c86f3f66345a3f6f478
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
