Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2026-43302

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/05/2026
Last modified:
15/05/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/v3d: Set DMA segment size to avoid debug warnings<br /> <br /> When using V3D rendering with CONFIG_DMA_API_DEBUG enabled, the<br /> kernel occasionally reports a segment size mismatch. This is because<br /> &amp;#39;max_seg_size&amp;#39; is not set. The kernel defaults to 64K. setting<br /> &amp;#39;max_seg_size&amp;#39; to the maximum will prevent &amp;#39;debug_dma_map_sg()&amp;#39;<br /> from complaining about the over-mapping of the V3D segment length.<br /> <br /> DMA-API: v3d 1002000000.v3d: mapping sg segment longer than device<br /> claims to support [len=8290304] [max=65536]<br /> WARNING: CPU: 0 PID: 493 at kernel/dma/debug.c:1179 debug_dma_map_sg+0x330/0x388<br /> CPU: 0 UID: 0 PID: 493 Comm: Xorg Not tainted 6.12.53-yocto-standard #1<br /> Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT)<br /> pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)<br /> pc : debug_dma_map_sg+0x330/0x388<br /> lr : debug_dma_map_sg+0x330/0x388<br /> sp : ffff8000829a3ac0<br /> x29: ffff8000829a3ac0 x28: 0000000000000001 x27: ffff8000813fe000<br /> x26: ffffc1ffc0000000 x25: ffff00010fdeb760 x24: 0000000000000000<br /> x23: ffff8000816a9bf0 x22: 0000000000000001 x21: 0000000000000002<br /> x20: 0000000000000002 x19: ffff00010185e810 x18: ffffffffffffffff<br /> x17: 69766564206e6168 x16: 74207265676e6f6c x15: 20746e656d676573<br /> x14: 20677320676e6970 x13: 5d34303334393134 x12: 0000000000000000<br /> x11: 00000000000000c0 x10: 00000000000009c0 x9 : ffff8000800e0b7c<br /> x8 : ffff00010a315ca0 x7 : ffff8000816a5110 x6 : 0000000000000001<br /> x5 : 000000000000002b x4 : 0000000000000002 x3 : 0000000000000008<br /> x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff00010a315280<br /> Call trace:<br /> debug_dma_map_sg+0x330/0x388<br /> __dma_map_sg_attrs+0xc0/0x278<br /> dma_map_sgtable+0x30/0x58<br /> drm_gem_shmem_get_pages_sgt+0xb4/0x140<br /> v3d_bo_create_finish+0x28/0x130 [v3d]<br /> v3d_create_bo_ioctl+0x54/0x180 [v3d]<br /> drm_ioctl_kernel+0xc8/0x140<br /> drm_ioctl+0x2d4/0x4d8

Impact

Vector 3.x
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.50 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x
5.50
Severity 3.x
MEDIUM

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.18 (including) 5.15.202 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 (including) 6.1.165 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (including) 6.6.128 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.12.75 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.13 (including) 6.18.16 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.19 (including) 6.19.6 (excluding)

To consult the complete list of CPE names with products and versions, see this page


References to Advisories, Solutions, and Tools