Out-of-bounds write in Linux kernel - CVE-2026-53137
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows an attacker with physical access to cause a denial of service.
The vulnerability exists due to an out-of-bounds write in mod_hdcp_read_rx_id_list() when processing a malicious HDMI HDCP 2.x repeater ReceiverID list over I2C. An attacker with physical access can provide a malicious HDMI repeater that advertises an oversized message length to cause a denial of service.
The issue occurs during HDCP 2.x repeater authentication over HDMI.
How to mitigate CVE-2026-53137
Sources
- https://git.kernel.org/stable/c/1906064d50d194a145486e5caf3db3e708b6f6ef
- https://git.kernel.org/stable/c/3c4444aec06c74fbc05661f370954ac814963c38
- https://git.kernel.org/stable/c/79e0273272a05fb26f9b1e55bf1a52eefc3b7b35
- https://git.kernel.org/stable/c/91fb41218c413989d8b6c837748751454b452d68
- https://git.kernel.org/stable/c/964e50ef7b8f09815a7d05b8326af700f8d5bc96
- https://git.kernel.org/stable/c/98cfb7530ea91d8e5e928285cdce58e1131f6e83
- https://git.kernel.org/stable/c/bfba882cfcd08f6540f72f48e786b6404f5d2c5b
- https://git.kernel.org/stable/c/f0f3981c43b32cadfe373d636d9e9ca522bb3702