CVE-2026-53330
Received - Intake

Out-of-Bounds Read in Linux Kernel AMD Display Driver

Publication date: 2026-07-01

Last updated on: 2026-07-01

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval()

[Why & How]
The aux_rd_interval array in struct dc_lttpr_caps is declared with MAX_REPEATER_CNT - 1 (7) elements, indexed 0..6. However, the offset parameter passed to dp_get_eq_aux_rd_interval() can be as large as MAX_REPEATER_CNT (8) when a sink reports 8 LTTPR repeaters via DPCD. This leads to an out-of-bounds read of aux_rd_interval[7] when offset is 8.

Fix this by growing aux_rd_interval to MAX_REPEATER_CNT elements to accommodate the full range of valid repeater counts defined by the DP spec.

(cherry picked from commit a55a458a8df37a65ffda5cf721d554a8f74f6b04)


Meta Information

Published: 2026-07-01
Last Modified: 2026-07-01
Generated: 2026-07-01
AI Q&A: 2026-07-01
EPSS Evaluated: N/A

Affected Vendors & Products

Showing 1 associated CPE

Vendor: linux
Product: kernel
Version / Range: *

Exploitability

CWE ID: CWE-UNKNOWN

Executive Summary

This vulnerability is an out-of-bounds read in the Linux kernel's AMD display driver, specifically in the function dp_get_eq_aux_rd_interval().

The issue arises because the aux_rd_interval array is declared with 7 elements (indexed 0 to 6), but the function can receive an offset value of 8 when a sink device reports 8 LTTPR repeaters. This causes the function to read beyond the array boundary at index 7, which is invalid.

The fix involved increasing the size of the aux_rd_interval array to 8 elements to properly handle the maximum number of repeaters defined by the DisplayPort specification.
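
A simplified C model of the sizing bug described above, added here as an illustration and not taken from the kernel source or the fix commit. It assumes repeater number `offset` reads slot `offset - 1` (implied by "offset 8 reads aux_rd_interval[7]"); `caps_before`, `caps_after`, `get_interval_checked` and `first_oob_offset` are hypothetical names, and the bounds-checked accessor and compile-time guard are extra defensive measures beyond the array growth the fix describes.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_REPEATER_CNT 8
#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Simplified models of the array in struct dc_lttpr_caps (not the kernel's definition). */
struct caps_before { uint8_t aux_rd_interval[MAX_REPEATER_CNT - 1]; }; /* 7 slots: 0..6 */
struct caps_after  { uint8_t aux_rd_interval[MAX_REPEATER_CNT]; };     /* 8 slots: 0..7 */

/* Compile-time guard: the array must cover every valid repeater count. */
_Static_assert(ARRAY_SIZE(((struct caps_after *)0)->aux_rd_interval) >= MAX_REPEATER_CNT,
               "aux_rd_interval too small for MAX_REPEATER_CNT");

/* Bounds-checked lookup. Assumption: 1-based repeater number `offset` reads
 * slot offset - 1. Returns 0 on success, -1 if the slot does not exist. */
static int get_interval_checked(const uint8_t *arr, size_t n, uint32_t offset, uint8_t *out)
{
    if (offset == 0 || offset > n)
        return -1;
    *out = arr[offset - 1];
    return 0;
}

/* Smallest repeater count in 1..MAX_REPEATER_CNT that would index past
 * an array of n slots, or 0 if every valid count stays in bounds. */
static uint32_t first_oob_offset(size_t n)
{
    for (uint32_t offset = 1; offset <= MAX_REPEATER_CNT; offset++)
        if (offset - 1 >= n)
            return offset;
    return 0;
}

int main(void)
{
    struct caps_before b = { {1, 2, 3, 4, 5, 6, 7} };    /* constructed values */
    struct caps_after  a = { {1, 2, 3, 4, 5, 6, 7, 8} }; /* constructed values */
    uint8_t v = 0;
    /* Offset 8 is rejected for the 7-slot array and served by the 8-slot one. */
    int rb = get_interval_checked(b.aux_rd_interval, ARRAY_SIZE(b.aux_rd_interval), 8, &v);
    int ra = get_interval_checked(a.aux_rd_interval, ARRAY_SIZE(a.aux_rd_interval), 8, &v);
    return (rb == -1 && ra == 0 && v == 8) ? 0 : 1;
}
```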

Impact Analysis

An out-of-bounds read vulnerability can potentially lead to system instability or crashes if the kernel reads invalid memory.

While this specific vulnerability involves reading beyond an array boundary, it may also expose sensitive kernel memory contents, which could be leveraged in further attacks depending on the context.

However, no specific CVSS score or exploit details are provided, so the exact impact depends on the environment and usage of the affected Linux kernel component.
