CVE-2026-43300

drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove() In jdi_panel_dsi_remove(), jdi is explicitly checked, indicating that it
may be NULL: if (!jdi) mipi_dsi_detach(dsi); However, when jdi is NULL, the function does not return and continues by
calling jdi_panel_disable(): err = jdi_panel_disable(&jdi->base); Inside jdi_panel_disable(), jdi is dereferenced unconditionally, which can
lead to a NULL-pointer dereference: struct jdi_panel *jdi = to_panel_jdi(panel); backlight_disable(jdi->backlight); To prevent such a potential NULL-pointer dereference, return early from
jdi_panel_dsi_remove() when jdi is NULL.

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-05-01 CVE Reserved
2026-05-08 CVE Published
2026-05-14 EPSS Updated
2026-05-15 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/25205087df1ffe06ccea9302944ed1f77dc68c6f	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/ec2f37bbb733cdd7ed7d04171fca728a532414d5	2026-03-04
https://git.kernel.org/stable/c/2f5427d8726b22b807beec248d7d6bf88e291e0b	2026-03-04
https://git.kernel.org/stable/c/83ce0085fabf757b039322928188ad78e962d609	2026-03-04
https://git.kernel.org/stable/c/95eed73b871111123a8b1d31cb1fce7e902e49ea	2026-01-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.12.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.12.75"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.18.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.18.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.19.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.19.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 7.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 7.0"		en		Affected