CVE-2026-53313

Source
https://cve.org/CVERecord?id=CVE-2026-53313
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53313.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53313
Downstream
Published
2026-06-26T19:41:06.568Z
Modified
2026-07-08T08:07:25.070577206Z
Summary
drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths

In dcdmubsrvlogdiagnosticdata() and dcdmubsrvenabledpiatrace().

Both functions check:

if (!dcdmubsrv || !dcdmubsrv->dmub)

and then call DCLOGERROR() inside that block.

DCLOGERROR() uses dcdmubsrv->ctx internally. So if dcdmubsrv is NULL, the logging itself can dereference a NULL pointer and cause a crash.

Fix this by splitting the checks.

First check if dcdmubsrv is NULL and return immediately. Then check dcdmubsrv->dmub and log the error only when dcdmubsrv is valid.

Fixes the below: ../display/dc/dcdmubsrv.c:962 dcdmubsrvlogdiagnosticdata() error: we previously assumed 'dcdmubsrv' could be null (see line 961) ../display/dc/dcdmubsrv.c:1167 dcdmubsrvenabledpiatrace() error: we previously assumed 'dcdmubsrv' could be null (see line 1166)

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53313.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2631ac1ac328189031d1aefbbd4929050f72fb23
Fixed
b37a978e6d8c33fbfa4abc5dcca4c7cfc6d01f22
Fixed
4ae3e16f4b3bf64140f773629b765d605ee079a9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53313.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.14.0
Fixed
7.0.10

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53313.json"