In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix out-of-bounds read in dpgeteqauxrd_interval()
[Why & How] The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 (7) elements, indexed 0..6. However, the offset parameter passed to dpgeteqauxrdinterval() can be as large as MAXREPEATERCNT (8) when a sink reports 8 LTTPR repeaters via DPCD. This leads to an out-of-bounds read of auxrd_interval[7] when offset is 8.
Fix this by growing auxrdinterval to MAXREPEATERCNT elements to accommodate the full range of valid repeater counts defined by the DP spec.
(cherry picked from commit a55a458a8df37a65ffda5cf721d554a8f74f6b04)
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53330.json",
"cna_assigner": "Linux"
}