CVE Alert

CVE-2026-53136

UNKNOWN 0.0

drm/amd/display: Clamp VBIOS HDMI retimer register count to array size

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Clamp VBIOS HDMI retimer register count to array size

[Why & How]
The VBIOS integrated info tables (v1_11 and v2_1) contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C register settings into fixed-size arrays (dp*_ext_hdmi_reg_settings[9] and dp*_ext_hdmi_6g_reg_settings[3]). These u8 fields are not validated before use, so a malformed VBIOS can specify values up to 255, causing an out-of-bounds heap write during driver probe.

Clamp each register count to the destination array size using min_t() before the copy loops, in both get_integrated_info_v11() and get_integrated_info_v2_1().

(cherry picked from commit 5a7f0ef90195940c54b0f5bb85b87da55f038c69)
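The clamp-before-copy pattern described above, as an added user-space example that is not the kernel's code: the struct layouts, field names and the helper clamp_count() are hypothetical stand-ins, and only the array sizes 9 and 3 and the u8 count fields come from the advisory text. The model also stores the clamped count so that later readers of the copied structure loop within bounds.

```c
#include <stdint.h>
#include <stdio.h>

#define HDMI_REG_MAX    9   /* size of dp*_ext_hdmi_reg_settings[] per the advisory */
#define HDMI_6G_REG_MAX 3   /* size of dp*_ext_hdmi_6g_reg_settings[] per the advisory */

struct reg_setting { uint8_t index, val; };   /* hypothetical layout */

/* Hypothetical model of the firmware table: both counts are untrusted u8 values. */
struct vbios_retimer {
    uint8_t hdmi_reg_num;       /* stands in for HdmiRegNum */
    uint8_t hdmi_6g_reg_num;    /* stands in for Hdmi6GRegNum */
    struct reg_setting reg[HDMI_REG_MAX];
    struct reg_setting reg_6g[HDMI_6G_REG_MAX];
};

/* Hypothetical model of the driver-side copy; canary marks adjacent memory. */
struct retimer_info {
    uint8_t reg_num, reg_6g_num;
    struct reg_setting reg[HDMI_REG_MAX];
    struct reg_setting reg_6g[HDMI_6G_REG_MAX];
    uint32_t canary;
};

/* User-space equivalent of min_t(u8, n, cap). */
static uint8_t clamp_count(uint8_t n, uint8_t cap) { return n < cap ? n : cap; }

/* Clamp first, then use only the clamped value as the loop bound. */
void copy_retimer(struct retimer_info *dst, const struct vbios_retimer *src)
{
    dst->reg_num    = clamp_count(src->hdmi_reg_num, HDMI_REG_MAX);
    dst->reg_6g_num = clamp_count(src->hdmi_6g_reg_num, HDMI_6G_REG_MAX);
    for (uint8_t i = 0; i < dst->reg_num; i++)
        dst->reg[i] = src->reg[i];
    for (uint8_t i = 0; i < dst->reg_6g_num; i++)
        dst->reg_6g[i] = src->reg_6g[i];
}

int main(void)
{
    /* Constructed malformed input: both counts at the u8 maximum. */
    struct vbios_retimer bad = { .hdmi_reg_num = 255, .hdmi_6g_reg_num = 255 };
    struct retimer_info info = { .canary = 0xC0FFEEu };
    copy_retimer(&info, &bad);
    printf("reg_num=%u reg_6g_num=%u canary=%#x\n",
           (unsigned)info.reg_num, (unsigned)info.reg_6g_num, (unsigned)info.canary);
    return 0;
}
```

Without the two clamp_count() calls, the same input would drive the loops to index 254 of arrays that hold 9 and 3 entries.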

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Jun 25, 2026

Affected Versions

Linux / Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 029571d51140650783be4fb98fe7cb4754752086
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5f8b39452fb16f507c9e4d8b4a83ce27e893307c
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4d1c3c26c2ab1842e139e61983395d64bd2e518b
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < d6be8e59af412623e3d874be3a048406c0edfe60
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3f32d52ec604c659725d865cf8cc6a17a33f9c6a
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8aaa7e317fbd4beb9c6a9f77aa4cf52fae78b117
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < fb0707ce00eef4e2d60c3020e1c0432739703e4a
0 < 5.15.210
0 < 6.1.176
0 < 6.6.143
0 < 6.12.94
0 < 6.18.36
0 < 7.0.13
Linux / Linux
All versions affected

References

NVD, CVE.org, EPSS Data
git.kernel.org: https://git.kernel.org/stable/c/029571d51140650783be4fb98fe7cb4754752086
git.kernel.org: https://git.kernel.org/stable/c/5f8b39452fb16f507c9e4d8b4a83ce27e893307c
git.kernel.org: https://git.kernel.org/stable/c/4d1c3c26c2ab1842e139e61983395d64bd2e518b
git.kernel.org: https://git.kernel.org/stable/c/d6be8e59af412623e3d874be3a048406c0edfe60
git.kernel.org: https://git.kernel.org/stable/c/3f32d52ec604c659725d865cf8cc6a17a33f9c6a
git.kernel.org: https://git.kernel.org/stable/c/8aaa7e317fbd4beb9c6a9f77aa4cf52fae78b117
git.kernel.org: https://git.kernel.org/stable/c/fb0707ce00eef4e2d60c3020e1c0432739703e4a