Main Vulnerability Database SB2026050997

SB2026050997 - Improper control of a resource through its lifetime in Linux kernel renesas rz-du driver

Published: May 9, 2026

Security Bulletin ID SB2026050997

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper control of a resource through its lifetime (CVE-ID: CVE-2026-43294)

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper state management in rzg2l_mipi_dsi_host_transfer() when processing MIPI-DSI commands during panel unprepare on reboot. A local user can trigger a reboot on a system using an affected panel to cause a denial of service.

Only panels that send MIPI-DSI commands in their unprepare() callback are affected.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/41cda667ffc5074c56279c632b0c20024da6ecdd
https://git.kernel.org/stable/c/64aa8b3a60a825134f7d866adf05c024bbe0c24c
https://git.kernel.org/stable/c/79f42487ed60d0d5ffce97c3bb98f80c3d17735a