drm/gma500/oaktrail_lvds: fix hang on init failure
Summary
| CVE | CVE-2026-53279 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-06-26 20:17:19 UTC |
| Updated | 2026-07-08 03:58:26 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktrail_lvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2c_get_adapter() and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling does not separate these cases so on a late init failure it will try to deregister and free also an adapter that had previously been registered. Since i2c_get_adapter() takes another reference to the adapter, deregistration hangs indefinitely while waiting for the reference to be released. Fix this by only destroying adapters allocated during LVDS init on errors. |
Risk And Classification
Primary CVSS: v3.1 5.5 MEDIUM from [email protected]
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.001720000 probability, percentile 0.068830000 (date 2026-07-04)
Problem Types: NVD-CWE-noinfo
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
NoneAvailability
HighCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected a57ebfc0b4da16a3f36bfebb158198aab3e340f8 5fe9f505d8578852c30668567bc3ce52e776e8c7 git | Not specified |
| CNA | Linux | Linux | affected a57ebfc0b4da16a3f36bfebb158198aab3e340f8 4e04b564c005c9900643c56656d751ad677889be git | Not specified |
| CNA | Linux | Linux | affected a57ebfc0b4da16a3f36bfebb158198aab3e340f8 7877f7e231a8bd5c817af1491276550a5e195cd7 git | Not specified |
| CNA | Linux | Linux | affected a57ebfc0b4da16a3f36bfebb158198aab3e340f8 ab9256936b58eb178caddcf5b5b1638f079909d2 git | Not specified |
| CNA | Linux | Linux | affected a57ebfc0b4da16a3f36bfebb158198aab3e340f8 f6fc44af3bbd5ab0fb6bdec6f47decca11b38425 git | Not specified |
| CNA | Linux | Linux | affected a57ebfc0b4da16a3f36bfebb158198aab3e340f8 657a091ab6d01d0091b77660c75cfed573c9a53e git | Not specified |
| CNA | Linux | Linux | affected 6.0 | Not specified |
| CNA | Linux | Linux | unaffected 6.0 semver | Not specified |
| CNA | Linux | Linux | unaffected 6.1.175 6.1.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.141 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.91 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.33 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0.10 7.0.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.1 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/657a091ab6d01d0091b77660c75cfed573c9a53e | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/ab9256936b58eb178caddcf5b5b1638f079909d2 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/5fe9f505d8578852c30668567bc3ce52e776e8c7 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/7877f7e231a8bd5c817af1491276550a5e195cd7 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/f6fc44af3bbd5ab0fb6bdec6f47decca11b38425 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/4e04b564c005c9900643c56656d751ad677889be | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.