0.0
NA
CVE-2026-53329
drm/amd/display: Use krealloc_array() in dal_vector_reserve()
Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use krealloc_array() in dal_vector_reserve() [Why & How] dal_vector_reserve() computes the allocation size as "capacity * vector->struct_size" using uint32_t arithmetic, which can silently wrap to a small value on overflow. This would cause krealloc to return a smaller buffer than expected, leading to heap overflows on subsequent vector appends. Replace krealloc() with krealloc_array() which performs an internal overflow check and returns NULL on wrap, preventing the issue. (cherry picked from commit 37668568641ccc4cc1dbca4923d0a16609dd5707)

INFO

Published Date :

July 1, 2026, 1:32 p.m.

Last Modified :

July 1, 2026, 1:32 p.m.

Remotely Exploit :

No

Source :

Linux
Affected Products

The following products are affected by CVE-2026-53329 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

Solution
Prevent heap overflows by replacing krealloc with krealloc_array for safer memory allocation.
  • Replace krealloc with krealloc_array.
  • Ensure overflow checks are performed.
  • Apply the fix to the dal_vector_reserve function.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-53329 vulnerability anywhere in the article.

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.