CVE-2026-53066
Received Received - Intake
DRM Plane State Error Pointer Dereference in Linux Kernel

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: backend: fix error pointer dereference The function drm_atomic_get_plane_state() can return an error pointer and is not checked for it. Add error pointer check. Detected by Smatch: drivers/gpu/drm/sun4i/sun4i_backend.c:496 sun4i_backend_atomic_check() error: 'plane_state' dereferencing possible ERR_PTR()
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-24
Last Modified
2026-06-24
Generated
2026-06-25
AI Q&A
2026-06-24
EPSS Evaluated
N/A
NVD
CVE-2026-53066
EUVD
EUVD-2026-38934
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel, specifically in the drm/sun4i backend component. The function drm_atomic_get_plane_state() can return an error pointer, but the code does not check for this error pointer before dereferencing it. This can lead to an error pointer dereference issue.

The problem was detected by Smatch, a static analysis tool, which found that the 'plane_state' variable could be dereferenced even if it was an error pointer (ERR_PTR()). The fix involves adding a check for the error pointer before dereferencing.

Impact Analysis

This vulnerability involves an error pointer dereference in the Linux kernel's drm/sun4i backend. Specifically, the function drm_atomic_get_plane_state() can return an error pointer which was not checked, potentially leading to a kernel error or crash when the pointer is dereferenced without validation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53066. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart