CVE-2026-53285

Source
https://cve.org/CVERecord?id=CVE-2026-53285
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53285.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53285
Downstream
Published
2026-06-26T19:40:46.328Z
Modified
2026-07-09T03:51:31.965298233Z
Summary
drm/amd/display: Wrap DCN32 phantom-plane allocation in DC_RUN_WITH_PREEMPTION_ENABLED
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Wrap DCN32 phantom-plane allocation in DCRUNWITHPREEMPTIONENABLED

[Why] dcn32validatebandwidth() wraps dcn32internalvalidatebw() with DCFPSTART()/DCFPEND(). In x86 non-RT, DCFPSTART takes fpregslock(), which disables local softirqs.

The DML1 path through dcn32enablephantomplane() calls kvzalloc() to allocate ~335 KiB for dcplanestate. This triggers the vmalloc path, which calls BUGON(in_interrupt()) because it's invoked within the FPU-enabled (softirq disabled) region, leading to a kernel crash.

[How] Wrap the dcstatecreatephantomplane() call with the DCRUNWITHPREEMPTIONENABLED() macro to allow preemption during this memory allocation.

(cherry picked from commit 885ccbef7b94a8b38f69c4211c679021aa27ad11)

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53285.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
235c67634230b0f9ad8c0185272fed36c892b1c4
Fixed
30bb2ec6695d62f63db4aa6179c4626834ed0cd6
Fixed
183182235f6d53bac62c6c39014738a54a68dfa6

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53285.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.0.0
Fixed
7.0.10

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53285.json"