CVE-2026-43294

Source
https://cve.org/CVERecord?id=CVE-2026-43294
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43294.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43294
Downstream
Published
2026-05-08T13:11:17.483Z
Modified
2026-07-08T08:13:30.286482495Z
Summary
drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels
Details

In the Linux kernel, the following vulnerability has been resolved:

drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels

Since commit 56de5e305d4b ("clk: renesas: r9a07g044: Add MSTOP for RZ/G2L") we may get the following kernel panic, for some panels, when rebooting:

systemd-shutdown[1]: Rebooting. Call trace: ... doserror+0x28/0x68 el1h64errorhandler+0x34/0x50 el1h64error+0x6c/0x70 rzg2lmipidsihosttransfer+0x114/0x458 (P) mipidsidevicetransfer+0x44/0x58 mipidsidcssetdisplayoffmulti+0x9c/0xc4 ili9881cunprepare+0x38/0x88 drmpanelunprepare+0xbc/0x108

This happens for panels that need to send MIPI-DSI commands in their unprepare() callback. Since the MIPI-DSI interface is stopped at that point, rzg2lmipidsihosttransfer() triggers the kernel panic.

Fix by moving rzg2lmipidsistop() to new callback function rzg2lmipidsiatomicpostdisable().

With this change we now have the correct power-down/stop sequence:

systemd-shutdown[1]: Rebooting. rzg2l-mipi-dsi 10850000.dsi: rzg2lmipidsiatomicdisable(): entry ili9881c-dsi 10850000.dsi.0: ili9881cunprepare(): entry rzg2l-mipi-dsi 10850000.dsi: rzg2lmipidsiatomicpostdisable(): entry reboot: Restarting system

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43294.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7a043f978ed1433bddb088a732e9bb91501ebd76
Fixed
79f42487ed60d0d5ffce97c3bb98f80c3d17735a
Fixed
41cda667ffc5074c56279c632b0c20024da6ecdd
Fixed
64aa8b3a60a825134f7d866adf05c024bbe0c24c

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43294.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43294.json"