CVE-2026-53142

Source
https://cve.org/CVERecord?id=CVE-2026-53142
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53142.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53142
Downstream
Related
Published
2026-06-25T08:38:30.158Z
Modified
2026-07-09T04:44:20.379935713Z
Summary
drm/xe/display: fix oops in suspend/shutdown without display
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/display: fix oops in suspend/shutdown without display

The xe driver keeps track of whether to probe display, and whether display hardware is there, using xe->info.probedisplay. It gets set to false if there's no display after inteldisplaydeviceprobe(). However, the display may also be disabled via fuses, detected at a later time in inteldisplaydeviceinforuntime_init().

In this case, the xe driver does foreachintelcrtc() on uninitialized mode config in xedisplayflushcleanup_work(), leading to a NULL pointer dereference, and generally calls display code with display info cleared.

Check for inteldisplaydevicepresent() after inteldisplaydeviceinforuntimeinit(), and reset xe->info.probedisplay as necessary. Also do unsetdisplay_features() for completeness, although display runtime init has already done that. This will need to be unified across all cases later.

Move inteldisplaydeviceinforuntime_init() call slightly earlier, similar to i915, to avoid a bunch of unnecessary setup for no display cases.

Note #1: The xe driver has no business doing low level display plumbing like foreachintel_crtc() to begin with. It all needs to happen in display code.

Note #2: The actual bug is present already in commit 44e694958b95 ("drm/xe/display: Implement display support"), but the oops was likely introduced later at commit ddf6492e0e50 ("drm/xe/display: Make display suspend/resume work on discrete").

(cherry picked from commit 7c3eb9f47533220888a67266448185fd0775d4da)

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53142.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
44e694958b95395bd1c41508c88c8ca141bf9bd7
Fixed
ddf1fe4c043aa42e46aef87b815d5deeed2fcd7b
Fixed
0f68ddfaaebfbb5581ee931779757d31f4dc9e24
Fixed
238bcdaae8f2abc65e182de7d1f69cf8f611a610
Fixed
68938cc08e23a94fd881e845837ff918de005ce7

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53142.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.12.95
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.36
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.13

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53142.json"