Description
In the Linux kernel, the following vulnerability has been resolved:

reset: amlogic: t7: Fix null reset ops

Fix missing reset ops causing kernel null pointer dereference.
This SOC's reset is currently not used yet.
Published: 2026-06-26
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A missing or uninitialized reset operations table in the Amlogic t7 reset driver causes the kernel to dereference a null pointer when the reset subsystem is invoked. This triggers a kernel panic, rendering the entire system unavailable. The flaw is an instance of CWE-824 (Improper Pointer Initialization).

Affected Systems

The vulnerability affects Linux kernel configurations that include the Amlogic t7 reset driver. It was discovered in the driver that manages the reset controller on the Amlogic t7 SoC. No specific kernel version is listed in the advisory, so any kernel build containing the unpatched reset subsystem for this SoC is vulnerable. Vendors shipping Linux images for devices based on the Amlogic t7 should verify whether the reset controller is enabled and unpatched.

Risk and Exploitability

The EPSS score is under 1% and the vulnerability is not in the CISA KEV catalog, indicating that active exploitation is unlikely at present. The reset functionality on the Amlogic t7 is currently unused, so the likely attack vector would require an attacker with privileged local access capable of invoking the reset subsystem, or activation of reset support in a future kernel release. The lack of public exploits and low EPSS score suggest a low to moderate risk until the feature is exposed, at which point immediate patching would be recommended.

Generated by OpenCVE AI on June 29, 2026 at 16:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Linux kernel update that includes commit 463a0885de665d3f36e219c5502584b99fa61c85 or newer, which initializes the reset operations table for Amlogic t7.
  • If reset functionality is not required on the device, disable CONFIG_RESET_CONTROLLER in the kernel configuration to prevent accidental activation of the uninitialized reset path.
  • Restrict privileged local access that can trigger the reset subsystem, for example, by limiting the use of the /dev/reset interface to a dedicated role or by enforcing strict Capability controls.

Generated by OpenCVE AI on June 29, 2026 at 16:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 29 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Mon, 29 Jun 2026 12:15:00 +0000


Fri, 26 Jun 2026 23:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Fri, 26 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: reset: amlogic: t7: Fix null reset ops Fix missing reset ops causing kernel null pointer dereference. This SOC's reset is currently not used yet.
Title reset: amlogic: t7: Fix null reset ops
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-26T19:40:57.845Z

Reserved: 2026-06-09T07:44:35.397Z

Link: CVE-2026-53301

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity :

Publid Date: 2026-06-26T00:00:00Z

Links: CVE-2026-53301 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-29T16:30:17Z

Weaknesses
  • CWE-824

    Access of Uninitialized Pointer