CVE-2026-23049
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel
The connector type for the DataImage SCF0700C48GGU18 panel is missing and devm_drm_panel_bridge_add() requires connector type to be set. This leads to a warning and a backtrace in the kernel log and panel does not work: " WARNING: CPU: 3 PID: 38 at drivers/gpu/drm/bridge/panel.c:379 devm_drm_of_get_bridge+0xac/0xb8 " The warning is triggered by a check for valid connector type in devm_drm_panel_bridge_add(). If there is no valid connector type set for a panel, the warning is printed and panel is not added. Fill in the missing connector type to fix the warning and make the panel operational once again.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A missing connector type in the Linux kernel's drm/panel-simple driver for the DataImage SCF0700C48GGU18 panel causes a warning and prevents the panel from working.
A vulnerability in the Linux kernel's DRM subsystem (drm/panel-simple) affects the DataImage SCF0700C48GGU18 panel. The connector type for this panel was not set in the panel descriptor. The function devm_drm_panel_bridge_add() requires a valid connector type to be defined; if it is missing, a WARN_ON check triggers a kernel warning and backtrace, and the panel is not added to the display pipeline [1] [2] [3]. Root cause is an incomplete structure initialization in the panel driver.
Exploitation
This bug is triggered during normal system boot or module loading when the kernel attempts to register the panel. No special privileges or network access are required; it manifests automatically on systems using the affected panel with a kernel version containing the flawed commit. The warning is printed to the kernel log, and the display is non-functional.
Impact
An attacker who can cause the system to boot or reload the DRM driver can trigger the warning, but the primary impact is denial of service for the display output. The panel will not operate, leaving the system headless or with a blank screen. There is no information disclosure or privilege escalation.
Mitigation
The fix is contained in commits applied to the Linux kernel stable trees [1] [2] [3]. The solution adds the missing connector type (DRM_MODE_CONNECTOR_DPI) to the panel's structure. Users should update their kernel to a version containing the fix. No workaround exists short of patching or using a different panel.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- git.kernel.org/stable/c/04218cd68d1502000823c8288f37b4f171dcdcaenvd
- git.kernel.org/stable/c/6ab3d4353bf75005eaa375677c9fed31148154d6nvd
- git.kernel.org/stable/c/83e0d8d22e7ee3151af1951595104887eebed6abnvd
- git.kernel.org/stable/c/bb309377eece5317207d71fd833f99cca4727fbdnvd
- git.kernel.org/stable/c/bc0b17bdba3838e9e17e7e9adc968384ac99938bnvd
- git.kernel.org/stable/c/f4c330b4499e7334ec6fce535574e09d55843d71nvd
- git.kernel.org/stable/c/f7940d3ec1dc6bf719eddc69d4b8e52cc2201896nvd
News mentions
0No linked articles in our index yet.