CVE-2026-23049
CVE-2026-23049 is a security vulnerability that is still awaiting full analysis and scoring. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- EPSS exploit prediction: 0% (7th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2026-5497
- Published:
- Last modified:
Description
In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The connector type for the DataImage SCF0700C48GGU18 panel is missing and devm_drm_panel_bridge_add() requires connector type to be set. This leads to a warning and a backtrace in the kernel log and panel does not work: " WARNING: CPU: 3 PID: 38 at drivers/gpu/drm/bridge/panel.c:379 devm_drm_of_get_bridge+0xac/0xb8 " The warning is triggered by a check for valid connector type in devm_drm_panel_bridge_add(). If there is no valid connector type set for a panel, the warning is printed and panel is not added. Fill in the missing connector type to fix the warning and make the panel operational once again.
Frequently asked questions
- What is CVE-2026-23049?
- In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The connector type for the DataImage SCF0700C48GGU18 panel is missing and devm_drm_panel_bridge_add() requires connector type to be set. This leads to a warning and a backtrace in the kernel log and panel does not work: " WARNING: CPU: 3 PID: 38 at drivers/gpu/drm/bridge/panel.c:379 devm_drm_of_get_bridge+0xac/0xb8 " The warning is triggered by a check for valid connector type in devm_drm_panel_bridge_add(). If there is no valid connector type set for a panel, the warning is printed and panel is not added. Fill in the missing connector type to fix the warning and make the panel operational once again.
- Is CVE-2026-23049 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (7th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2026-23049?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2026-23049 have an EU (EUVD) identifier?
- Yes. CVE-2026-23049 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-5497.
- When was CVE-2026-23049 published?
- CVE-2026-23049 was published on 2026-02-04 and last updated on 2026-06-17.
References
- https://git.kernel.org/stable/c/04218cd68d1502000823c8288f37b4f171dcdcae
- https://git.kernel.org/stable/c/6ab3d4353bf75005eaa375677c9fed31148154d6
- https://git.kernel.org/stable/c/83e0d8d22e7ee3151af1951595104887eebed6ab
- https://git.kernel.org/stable/c/bb309377eece5317207d71fd833f99cca4727fbd
- https://git.kernel.org/stable/c/bc0b17bdba3838e9e17e7e9adc968384ac99938b
- https://git.kernel.org/stable/c/f4c330b4499e7334ec6fce535574e09d55843d71
- https://git.kernel.org/stable/c/f7940d3ec1dc6bf719eddc69d4b8e52cc2201896