CVE Catalog

CVE-2026-53279

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

In the Linux kernel, the gma500 DRM driver for Oaktrail LVDS displays has a bug causing a hang during initialization. The LVDS init code retrieves an I2C adapter via i2c_get_adapter() and on failure attempts to deregister and free also that adapter, which was not allocated by the driver. Since i2c_get_adapter() increments the reference count, the deregistration waits indefinitely for the reference to be released, resulting in a permanent hang.

Risk Assessment

An organization may experience a complete system hang during boot or when an LVDS display is connected, preventing operation and requiring a manual reboot. This vulnerability affects systems running Linux kernel with the legacy gma500 graphics driver, such as embedded systems or older laptops.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit in drm/gma500/oaktrail_lvds). If an update is not possible, temporarily disable LVDS support in the gma500 driver via kernel parameter or module blacklist.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktrail_lvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2c_get_adapter() and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling does not separate these cases so on a late init failure it will try to deregister and free also an adapter that had previously been registered. Since i2c_get_adapter() takes another reference to the adapter, deregistration hangs indefinitely while waiting for the reference to be released. Fix this by only destroying adapters allocated during LVDS init on errors.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS