In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Move DT parse before pinctrl register. This ensures that device tree parsing is done before calling devm_pinctrl_register() to prevent using uninitialized pin resources.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2025082238-CVE-2025-38654-20b7@gregkh/T