CVE-2026-23049

Name	CVE-2026-23049
Description	In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The connector type for the DataImage SCF0700C48GGU18 panel is missing and devm_drm_panel_bridge_add() requires connector type to be set. This leads to a warning and a backtrace in the kernel log and panel does not work: " WARNING: CPU: 3 PID: 38 at drivers/gpu/drm/bridge/panel.c:379 devm_drm_of_get_bridge+0xac/0xb8 " The warning is triggered by a check for valid connector type in devm_drm_panel_bridge_add(). If there is no valid connector type set for a panel, the warning is printed and panel is not added. Fill in the missing connector type to fix the warning and make the panel operational once again.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-4475-1, DLA-4476-1, DSA-6126-1, DSA-6127-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
linux (PTS)	bullseye	5.10.223-1	vulnerable
	bullseye (security)	5.10.249-1	fixed
	bookworm	6.1.159-1	vulnerable
	bookworm (security)	6.1.162-1	fixed
	trixie	6.12.63-1	vulnerable
	trixie (security)	6.12.73-1	fixed
	forky, sid	6.18.12-1	fixed
linux-6.1 (PTS)	bullseye (security)	6.1.162-1~deb11u1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
linux	source	bullseye	5.10.249-1	DLA-4475-1
linux	source	bookworm	6.1.162-1	DSA-6127-1
linux	source	trixie	6.12.69-1	DSA-6126-1
linux	source	(unstable)	6.18.8-1
linux-6.1	source	bullseye	6.1.162-1~deb11u1	DLA-4476-1

https://git.kernel.org/linus/6ab3d4353bf75005eaa375677c9fed31148154d6 (6.19-rc6)