PT-2026-54798 · Linux · Linux

Published

2026-07-01

·

Updated

2026-07-01

·

CVE-2026-53330

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix out-of-bounds read in dp get eq aux rd interval()
[Why & How] The aux rd interval array in struct dc lttpr caps is declared with MAX REPEATER CNT - 1 (7) elements, indexed 0..6. However, the offset parameter passed to dp get eq aux rd interval() can be as large as MAX REPEATER CNT (8) when a sink reports 8 LTTPR repeaters via DPCD. This leads to an out-of-bounds read of aux rd interval[7] when offset is 8.
Fix this by growing aux rd interval to MAX REPEATER CNT elements to accommodate the full range of valid repeater counts defined by the DP spec.
(cherry picked from commit a55a458a8df37a65ffda5cf721d554a8f74f6b04)
Found an issue in the description? Have something to add? Feel free to write us 👾

Related Identifiers

CVE-2026-53330

Affected Products

Linux