CVE-2026-43294

{"id": "CVE-2026-43294", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2026-05-08T14:16:36.487", "references": [{"url": "https://git.kernel.org/stable/c/41cda667ffc5074c56279c632b0c20024da6ecdd", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/64aa8b3a60a825134f7d866adf05c024bbe0c24c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/79f42487ed60d0d5ffce97c3bb98f80c3d17735a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels\n\nSince commit 56de5e305d4b (\"clk: renesas: r9a07g044: Add MSTOP for RZ/G2L\")\nwe may get the following kernel panic, for some panels, when rebooting:\n\n systemd-shutdown[1]: Rebooting.\n Call trace:\n ...\n do_serror+0x28/0x68\n el1h_64_error_handler+0x34/0x50\n el1h_64_error+0x6c/0x70\n rzg2l_mipi_dsi_host_transfer+0x114/0x458 (P)\n mipi_dsi_device_transfer+0x44/0x58\n mipi_dsi_dcs_set_display_off_multi+0x9c/0xc4\n ili9881c_unprepare+0x38/0x88\n drm_panel_unprepare+0xbc/0x108\n\nThis happens for panels that need to send MIPI-DSI commands in their\nunprepare() callback. Since the MIPI-DSI interface is stopped at that\npoint, rzg2l_mipi_dsi_host_transfer() triggers the kernel panic.\n\nFix by moving rzg2l_mipi_dsi_stop() to new callback function\nrzg2l_mipi_dsi_atomic_post_disable().\n\nWith this change we now have the correct power-down/stop sequence:\n\n systemd-shutdown[1]: Rebooting.\n rzg2l-mipi-dsi 10850000.dsi: rzg2l_mipi_dsi_atomic_disable(): entry\n ili9881c-dsi 10850000.dsi.0: ili9881c_unprepare(): entry\n rzg2l-mipi-dsi 10850000.dsi: rzg2l_mipi_dsi_atomic_post_disable(): entry\n reboot: Restarting system"}], "lastModified": "2026-05-14T19:45:39.853", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40E6DAD9-881B-4BD4-B3F0-5D58086379A4", "versionEndExcluding": "6.18.16", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "373EEEDA-FAA1-4FB4-B6ED-DB4DD99DBE67", "versionEndExcluding": "6.19.6", "versionStartIncluding": "6.19"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}