CVE-2026-53066 - Vulnerability Details

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/sun4i: backend: fix error pointer dereference

The function drm_atomic_get_plane_state() can return an error pointer
and is not checked for it. Add error pointer check.

Detected by Smatch:
drivers/gpu/drm/sun4i/sun4i_backend.c:496 sun4i_backend_atomic_check() error:
'plane_state' dereferencing possible ERR_PTR()

Published: 2026-06-24

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability arises from an error pointer dereference in the sun4i DRM backend. The function drm_atomic_get_plane_state can return an error pointer, but the driver does not check this, leading to a potential kernel crash or denial of service when malicious or malformed data triggers this code path. This is a classic null pointer dereference flaw (CWE‑476) that can destabilize the kernel.

Affected Systems

The affected component is the sun4i DRM backend, part of the Linux kernel for Allwinner SoCs. Vendors that ship Linux kernels with this driver (including many embedded systems and custom distributions) may be impacted. No specific kernel version numbers are listed in the advisory, so any kernel containing this code path before the fix is potentially vulnerable.

Risk and Exploitability

The CVSS score is not provided, and no EPSS is available, but the flaw can cause a kernel panic, leading to service disruption. The attack likely requires local privilege or access to the DRM subsystem to trigger the problematic call. There is no KEV listing and no known public exploits yet, but the nature of the bug means a local attacker could obtain a DoS. The patch is embedded in the kernel tree but there is no official release noted; administrators should seek the latest kernel that contains the fix.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`96180dde23b799272ab2e7d47210c8840799d0d2`	affected	< ea51fd96aca01381e8f1ac0c671a57b7619193bb
`96180dde23b799272ab2e7d47210c8840799d0d2`	affected	< cf615b90a11a39a28e313be5e508e94bcde72016
`96180dde23b799272ab2e7d47210c8840799d0d2`	affected	< 779c2f10743fc021f2f0ebe2b188cadfb973c5e4
`96180dde23b799272ab2e7d47210c8840799d0d2`	affected	< 47038159c559824f4dbfb5b0d87b9b3416663372
`96180dde23b799272ab2e7d47210c8840799d0d2`	affected	< e9bef62f1bb9fcb38223730657af20f4c6283c16
`96180dde23b799272ab2e7d47210c8840799d0d2`	affected	< 06277983eca4a31d3c2114fa33d99a6e82484b11

Linux

affected

Version	Status	Constraints
`4.17`	affected	—
`0`	unaffected	< 4.17
`6.1.175`	unaffected	≤ 6.1.*
`6.6.141`	unaffected	≤ 6.6.*
`6.12.91`	unaffected	≤ 6.12.*
`6.18.33`	unaffected	≤ 6.18.*
`7.0.10`	unaffected	≤ 7.0.*
`7.1`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest Linux kernel that includes the sun4i DRM patch.
If an update cannot be applied immediately, disable the sun4i DRM module or avoid using DRM interfaces that invoke the affected code path until a patch is available.
Audit system logs for abnormal kernel panics and review DRM activity for anomalous requests.

Generated by OpenCVE AI on June 24, 2026 at 19:19 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/06277983eca4a31d3c2114fa33d99a6e82484b11
https://git.kernel.org/stable/c/47038159c559824f4dbfb5b0d87b9b3416663372
https://git.kernel.org/stable/c/779c2f10743fc021f2f0ebe2b188cadfb973c5e4
https://git.kernel.org/stable/c/cf615b90a11a39a28e313be5e508e94bcde72016
https://git.kernel.org/stable/c/e9bef62f1bb9fcb38223730657af20f4c6283c16
https://git.kernel.org/stable/c/ea51fd96aca01381e8f1ac0c671a57b7619193bb

History

Wed, 24 Jun 2026 19:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-476

Wed, 24 Jun 2026 17:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: backend: fix error pointer dereference The function drm_atomic_get_plane_state() can return an error pointer and is not checked for it. Add error pointer check. Detected by Smatch: drivers/gpu/drm/sun4i/sun4i_backend.c:496 sun4i_backend_atomic_check() error: 'plane_state' dereferencing possible ERR_PTR()
Title		drm/sun4i: backend: fix error pointer dereference
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/06277983eca4a31d3c2114fa33d99a6e82484b11 https://git.kernel.org/stable/c/47038159c559824f4dbfb5b0d87b9b3416663372 https://git.kernel.org/stable/c/779c2f10743fc021f2f0ebe2b188cadfb973c5e4 https://git.kernel.org/stable/c/cf615b90a11a39a28e313be5e508e94bcde72016 https://git.kernel.org/stable/c/e9bef62f1bb9fcb38223730657af20f4c6283c16 https://git.kernel.org/stable/c/ea51fd96aca01381e8f1ac0c671a57b7619193bb

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-24T16:30:08.824Z

Updated: 2026-06-24T16:30:08.824Z

Reserved: 2026-06-09T07:44:35.382Z

Link: CVE-2026-53066

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-24T19:30:08Z

Weaknesses

CWE-476
NULL Pointer Dereference

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object