CVE-2026-53356
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/gem: Fix phys BO pread/pwrite with offset
sg_page() returns struct page pointer not (void *) so the scaling
of pread/pwrite is wrong for phys BO and wrong parts of BO would be
accessed if non-zero offset is used.
Last impacted platform with overlay or cursor planes using phys
mapping was Gen3/945G/Lakeport.
(cherry picked from commit 3e49a2f85070b2fb672c1e0fdba281a4ea3aebe6)
drm/i915/gem: Fix phys BO pread/pwrite with offset
sg_page() returns struct page pointer not (void *) so the scaling
of pread/pwrite is wrong for phys BO and wrong parts of BO would be
accessed if non-zero offset is used.
Last impacted platform with overlay or cursor planes using phys
mapping was Gen3/945G/Lakeport.
(cherry picked from commit 3e49a2f85070b2fb672c1e0fdba281a4ea3aebe6)
Vulnerability Details
Published Date
Last Modified
Source
NVD
Vendor
Linux
Product
Linux
External References
- https://git.kernel.org/stable/c/07c33be968d9e0cab6cba38c81850a09942fcb2e
- https://git.kernel.org/stable/c/14469860e2e39b7095dcd658d2bad38a11110a68
- https://git.kernel.org/stable/c/1ec8fc63e9cdb22da54e48e536c9204020416fc6
- https://git.kernel.org/stable/c/32d4c5d328a3ff995420f4f85163e1e403f43628
- https://git.kernel.org/stable/c/3bd168dd835b93a3862cd05b0d13c432b115f9d6
- https://git.kernel.org/stable/c/40f738991058eb3e3530c3006a5bd6fd5e29f035
- https://git.kernel.org/stable/c/d21ad938398bca695a511307de38a65889e3b354
- https://git.kernel.org/stable/c/dd51a2eeb93bc6faa892ff9083911dd23f82c187
Discussion (0)
Add Comment
No comments yet. Be the first!