CVE-2026-53068
Integer Overflow in Linux Kernel AFBC Framebuffer Validation

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

drm/komeda: fix integer overflow in AFBC framebuffer size check

The AFBC framebuffer size validation calculates the minimum required buffer size by adding the AFBC payload size to the framebuffer offset. This addition is performed without checking for integer overflow.

If the addition overflows, the size check may incorrectly succeed and allow userspace to provide an undersized drm_gem_object, potentially leading to out-of-bounds memory access.

Add usage of check_add_overflow() to safely compute the minimum required size and reject the framebuffer if an overflow is detected. This makes the AFBC size validation more robust against malformed.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Meta Information

Published: 2026-06-24
Last Modified: 2026-06-24
Generated: 2026-06-25
AI Q&A: 2026-06-24
EPSS Evaluated: N/A

Affected Vendors & Products

Vendor: linux
Product: linux_kernel
Version / Range: *

CWE ID Description
CWE-UNKNOWN
Executive Summary

This vulnerability exists in the Linux kernel's drm/komeda component, specifically in the AFBC framebuffer size check. The issue is due to an integer overflow when calculating the minimum required buffer size by adding the AFBC payload size to the framebuffer offset without verifying if the addition overflows.

If an overflow occurs, the size check may incorrectly succeed, allowing userspace to provide an undersized drm_gem_object. This can potentially lead to out-of-bounds memory access.

The fix involves using a safe addition function, check_add_overflow(), to detect and reject any framebuffer sizes that cause an overflow, making the validation more robust against malformed inputs.
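
The wrap-around described above, modeled in userspace C as an added example (not the kernel's or the komeda driver's code). The function names, the 32-bit operand width and the sample values are assumptions, and the compiler builtin __builtin_add_overflow stands in for the kernel's check_add_overflow().

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical userspace model of the size check. Names and the 32-bit
 * operand width are assumptions, not taken from the driver source. */

/* Unchecked form: payload_size + offset can wrap modulo 2^32, so a very
 * large offset produces a small min_size that passes the comparison. */
static bool fb_size_ok_unchecked(uint32_t payload_size, uint32_t offset,
                                 size_t obj_size)
{
    uint32_t min_size = payload_size + offset;
    return min_size <= obj_size;
}

/* Checked form: reject the framebuffer outright when the addition
 * overflows, then compare the (now trustworthy) sum to the object size. */
static bool fb_size_ok_checked(uint32_t payload_size, uint32_t offset,
                               size_t obj_size)
{
    uint32_t min_size;

    if (__builtin_add_overflow(payload_size, offset, &min_size))
        return false;
    return min_size <= obj_size;
}

int main(void)
{
    /* Constructed sample values: 0x2000 + 0xFFFFF000 wraps to 0x1000. */
    const uint32_t payload = 0x2000, wrap_off = 0xFFFFF000u;
    const size_t obj = 0x1000;

    printf("wrapping input, unchecked: %s\n",
           fb_size_ok_unchecked(payload, wrap_off, obj) ? "accepted" : "rejected");
    printf("wrapping input, checked:   %s\n",
           fb_size_ok_checked(payload, wrap_off, obj) ? "accepted" : "rejected");
    printf("valid input, checked:      %s\n",
           fb_size_ok_checked(payload, 0x1000, 0x3000) ? "accepted" : "rejected");
    return 0;
}
```
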

Impact Analysis

This vulnerability can lead to out-of-bounds memory access in the Linux kernel's graphics subsystem. Such memory access issues can cause system instability, crashes, or potentially allow an attacker to execute arbitrary code or escalate privileges by exploiting the memory corruption.

Mitigation Strategies

The vulnerability has been resolved by adding a check for integer overflow in the AFBC framebuffer size validation within the Linux kernel. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.

  • Apply the latest Linux kernel updates or patches that address the drm/komeda integer overflow issue.
  • Avoid using vulnerable kernel versions that do not include the check_add_overflow() safeguard in the AFBC framebuffer size calculation.