CVE-2026-53142
Received Received - Intake
Kernel Oops in Linux DRM/Xe Display Driver

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to probe display, and whether display hardware is there, using xe->info.probe_display. It gets set to false if there's no display after intel_display_device_probe(). However, the display may also be disabled via fuses, detected at a later time in intel_display_device_info_runtime_init(). In this case, the xe driver does for_each_intel_crtc() on uninitialized mode config in xe_display_flush_cleanup_work(), leading to a NULL pointer dereference, and generally calls display code with display info cleared. Check for intel_display_device_present() after intel_display_device_info_runtime_init(), and reset xe->info.probe_display as necessary. Also do unset_display_features() for completeness, although display runtime init has already done that. This will need to be unified across all cases later. Move intel_display_device_info_runtime_init() call slightly earlier, similar to i915, to avoid a bunch of unnecessary setup for no display cases. Note #1: The xe driver has no business doing low level display plumbing like for_each_intel_crtc() to begin with. It all needs to happen in display code. Note #2: The actual bug is present already in commit 44e694958b95 ("drm/xe/display: Implement display support"), but the oops was likely introduced later at commit ddf6492e0e50 ("drm/xe/display: Make display suspend/resume work on discrete"). (cherry picked from commit 7c3eb9f47533220888a67266448185fd0775d4da)
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-06-25
AI Q&A
2026-06-25
EPSS Evaluated
N/A
NVD
CVE-2026-53142
EUVD
EUVD-2026-39233
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's xe display driver. The driver tracks whether a display is present using a flag called probe_display. If no display is detected after a certain probe function, this flag is set to false. However, the display can also be disabled later via hardware fuses, which is detected in a different initialization function.

The problem occurs because the xe driver performs operations on uninitialized display mode configurations when the display is disabled by fuses. Specifically, it calls a function that iterates over display controllers (CRTCs) without proper initialization, leading to a NULL pointer dereference and causing the system to crash (an oops).

The fix involves checking if the display is actually present after the runtime initialization and resetting the probe_display flag accordingly. It also includes moving the initialization call earlier to avoid unnecessary setup when no display is present, and cleaning up display features properly.

Impact Analysis

This vulnerability can cause the Linux kernel to crash (an oops) during suspend or shutdown operations when the xe display driver attempts to access uninitialized display data. This can lead to system instability or unexpected reboots, potentially causing data loss or disruption of services.

Mitigation Strategies

The vulnerability has been resolved by fixing the xe driver's handling of display probe and initialization to avoid NULL pointer dereferences during suspend or shutdown without a display.

Immediate mitigation steps include updating the Linux kernel to a version that includes the fix from commit 7c3eb9f47533220888a67266448185fd0775d4da or later.

This update ensures that the xe driver properly checks for display presence after runtime initialization and avoids calling display code with cleared display info.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53142. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart