U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2026-53329

Change History

New CVE Received from kernel.org 7/01/2026 10:16:40 AM

Action Type Old Value New Value
Added Description

                  
                
              
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Use krealloc_array() in dal_vector_reserve()

[Why & How]
dal_vector_reserve() computes the allocation size as
"capacity * vector->struct_size" using uint32_t arithmetic, which can
silently wrap to a small value on overflow. This would cause krealloc to
return a smaller buffer than expected, leading to heap overflows on
subsequent vector appends.

Replace krealloc() with krealloc_array() which performs an internal
overflow check and returns NULL on wrap, preventing the issue.

(cherry picked from commit 37668568641ccc4cc1dbca4923d0a16609dd5707)
Added Reference

                  
                
              
https://git.kernel.org/stable/c/201151e120f0062bcda21cad5d007b82725ad23b
Added Reference

                  
                
              
https://git.kernel.org/stable/c/31180638a33acad12c863132704a76536fb66211
Added Reference

                  
                
              
https://git.kernel.org/stable/c/a914aa802669e073f014dae2e5708633b5cecd34
Added Reference

                  
                
              
https://git.kernel.org/stable/c/b15825deac1acff72638bbc8f05b89ceef8dfb13
Added Reference

                  
                
              
https://git.kernel.org/stable/c/da48bc4461b8a5ebfb9264c9b191a701d8e99009
Added Reference

                  
                
              
https://git.kernel.org/stable/c/de988c7a31f0774f07894cfe4802996f318e2870
Added Reference

                  
                
              
https://git.kernel.org/stable/c/e09689286385a66311ac6922af95339d7a3cef8d
Added Affected

                  
                
              
[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/display/dc/basics/vector.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2004f45ef83f07f43f5da6ede780b08068c7583d","lessThan":"31180638a33acad12c863132704a76536fb66211","versionType":"git","status":"affected"},{"version":"2004f45ef83f07f43f5da6ede780b08068c7583d","lessThan":"b15825deac1acff72638bbc8f05b89ceef8dfb13","versionType":"git","status":"affected"},{"version":"2004f45ef83f07f43f5da6ede780b08068c7583d","lessThan":"201151e120f0062bcda21cad5d007b82725ad23b","versionType":"git","status":"affected"},{"version":"2004f45ef83f07f43f5da6ede780b08068c7583d","lessThan":"a914aa802669e073f014dae2e5708633b5cecd34","versionType":"git","status":"affected"},{"version":"2004f45ef83f07f43f5da6ede780b08068c7583d","lessThan":"e09689286385a66311ac6922af95339d7a3cef8d","versionType":"git","status":"affected"},{"version":"2004f45ef83f07f43f5da6ede780b08068c7583d","lessThan":"de988c7a31f0774f07894cfe4802996f318e2870","versionType":"git","status":"affected"},{"version":"2004f45ef83f07f43f5da6ede780b08068c7583d","lessThan":"da48bc4461b8a5ebfb9264c9b191a701d8e99009","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/display/dc/basics/vector.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.15","status":"affected"},{"version":"0","lessThan":"4.15","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]