CVE-2026-53356

ANALYSIS PENDING

drm/i915/gem: Fix phys BO pread/pwrite with offset

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix phys BO pread/pwrite with offset sg_page() returns struct page pointer not (void *) so the scaling of pread/pwrite is wrong for phys BO and wrong parts of BO would be accessed if non-zero offset is used. Last impacted platform with overlay or cursor planes using phys mapping was Gen3/945G/Lakeport. (cherry picked from commit 3e49a2f85070b2fb672c1e0fdba281a4ea3aebe6)

Scores

EPSS 0.0016
EPSS Percentile 6.0%

Details

Status published
Products (25)
linux/Kernel 5.11.0 - 5.15.210linux
linux/Kernel 5.16.0 - 6.1.176linux
linux/Kernel 5.7.0 - 5.10.259linux
linux/Kernel 6.13.0 - 6.18.36linux
linux/Kernel 6.19.0 - 7.0.13linux
linux/Kernel 6.2.0 - 6.6.143linux
linux/Kernel 6.7.0 - 6.12.94linux
Linux/Linux < 5.7
Linux/Linux 5.10.259 - 5.10.*
Linux/Linux 5.15.210 - 5.15.*
... and 15 more
Published Jul 01, 2026
Tracked Since Jul 01, 2026