Out-of-bounds read in Linux kernel - CVE-2026-53330
Published: July 2, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local attacker to disclose sensitive information.
The vulnerability exists due to out-of-bounds read in dp_get_eq_aux_rd_interval() when processing DisplayPort repeater capability data. A local attacker can provide crafted repeater count information to trigger an out-of-bounds read and disclose sensitive information.
The issue occurs when a sink reports 8 LTTPR repeaters, causing access beyond the declared aux_rd_interval array bounds.