CVE-2026-53330

ANALYSIS PENDING

Linux - Out-of-Bounds Access

Title source: rule
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval() [Why & How] The aux_rd_interval array in struct dc_lttpr_caps is declared with MAX_REPEATER_CNT - 1 (7) elements, indexed 0..6. However, the offset parameter passed to dp_get_eq_aux_rd_interval() can be as large as MAX_REPEATER_CNT (8) when a sink reports 8 LTTPR repeaters via DPCD. This leads to an out-of-bounds read of aux_rd_interval[7] when offset is 8. Fix this by growing aux_rd_interval to MAX_REPEATER_CNT elements to accommodate the full range of valid repeater counts defined by the DP spec. (cherry picked from commit a55a458a8df37a65ffda5cf721d554a8f74f6b04)

Scores

EPSS 0.0017
EPSS Percentile 6.1%

Details

Status published
Products (16)
linux/Kernel < 6.18.36linux
linux/Kernel 5.6.0 - 6.18.36linux
linux/Kernel 6.19.0 - 7.0.13linux
Linux/Linux < 5.6
Linux/Linux < 6.18.36
Linux/Linux < 7.0.13
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 454d3b3d499c18373f8960d31aea48338a3ca9e0
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - dc1490927d79fe9621e29f4a4f5d7b5ccb6aea3e
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - e8b4d37eba05141ee01794fc6b7f2da808cee83b
Linux/Linux 5.6
... and 6 more
Published Jul 01, 2026
Tracked Since Jul 01, 2026