CVE-2026-52907
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, the rockchip rkcif media driver has an off-by-one bug. Comparisons using > instead of >= may cause out-of-bounds array access. The fix also replaces _MAX enum values with ARRAY_SIZE.
Risk Assessment
The risk involves potential out-of-bounds memory read, which could lead to information disclosure or system instability.
Recommendation
Immediately update the Linux kernel to a version containing the fix for CVE-2026-52907.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: fix off by one bugs Change these comparisons from > vs >= to avoid accessing one element beyond the end of the arrays. While at it, use ARRAY_SIZE instead of the _MAX enum values. [fix cosmetic issues]

