CVE-2026-43300

Source
https://cve.org/CVERecord?id=CVE-2026-43300
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43300.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43300
Downstream
Published
2026-05-08T13:11:21.530Z
Modified
2026-06-18T03:56:08.722402862Z
Summary
drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/panel: Fix a possible null-pointer dereference in jdipaneldsi_remove()

In jdipaneldsi_remove(), jdi is explicitly checked, indicating that it may be NULL:

if (!jdi) mipidsidetach(dsi);

However, when jdi is NULL, the function does not return and continues by calling jdipaneldisable():

err = jdipaneldisable(&jdi->base);

Inside jdipaneldisable(), jdi is dereferenced unconditionally, which can lead to a NULL-pointer dereference:

struct jdipanel *jdi = topaneljdi(panel); backlightdisable(jdi->backlight);

To prevent such a potential NULL-pointer dereference, return early from jdipaneldsi_remove() when jdi is NULL.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43300.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
25205087df1ffe06ccea9302944ed1f77dc68c6f
Fixed
ec2f37bbb733cdd7ed7d04171fca728a532414d5
Fixed
2f5427d8726b22b807beec248d7d6bf88e291e0b
Fixed
83ce0085fabf757b039322928188ad78e962d609
Fixed
95eed73b871111123a8b1d31cb1fce7e902e49ea

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43300.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43300.json"