CVE-2026-43302— drm/v3d: Set DMA segment size to avoid debug warnings

EPSS 0.03% · P10 Updated May 09, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-43302

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

drm/v3d: Set DMA segment size to avoid debug warnings

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIG_DMA_API_DEBUG enabled, the kernel occasionally reports a segment size mismatch. This is because 'max_seg_size' is not set. The kernel defaults to 64K. setting 'max_seg_size' to the maximum will prevent 'debug_dma_map_sg()' from complaining about the over-mapping of the V3D segment length. DMA-API: v3d 1002000000.v3d: mapping sg segment longer than device claims to support [len=8290304] [max=65536] WARNING: CPU: 0 PID: 493 at kernel/dma/debug.c:1179 debug_dma_map_sg+0x330/0x388 CPU: 0 UID: 0 PID: 493 Comm: Xorg Not tainted 6.12.53-yocto-standard #1 Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT) pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : debug_dma_map_sg+0x330/0x388 lr : debug_dma_map_sg+0x330/0x388 sp : ffff8000829a3ac0 x29: ffff8000829a3ac0 x28: 0000000000000001 x27: ffff8000813fe000 x26: ffffc1ffc0000000 x25: ffff00010fdeb760 x24: 0000000000000000 x23: ffff8000816a9bf0 x22: 0000000000000001 x21: 0000000000000002 x20: 0000000000000002 x19: ffff00010185e810 x18: ffffffffffffffff x17: 69766564206e6168 x16: 74207265676e6f6c x15: 20746e656d676573 x14: 20677320676e6970 x13: 5d34303334393134 x12: 0000000000000000 x11: 00000000000000c0 x10: 00000000000009c0 x9 : ffff8000800e0b7c x8 : ffff00010a315ca0 x7 : ffff8000816a5110 x6 : 0000000000000001 x5 : 000000000000002b x4 : 0000000000000002 x3 : 0000000000000008 x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff00010a315280 Call trace: debug_dma_map_sg+0x330/0x388 __dma_map_sg_attrs+0xc0/0x278 dma_map_sgtable+0x30/0x58 drm_gem_shmem_get_pages_sgt+0xb4/0x140 v3d_bo_create_finish+0x28/0x130 [v3d] v3d_create_bo_ioctl+0x54/0x180 [v3d] drm_ioctl_kernel+0xc8/0x140 drm_ioctl+0x2d4/0x4d8

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于v3d驱动未设置max_seg_size，可能导致DMA API调试时报告段长度不匹配。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	57692c94dcbe99a1e0444409a3da13fb3443562c ~ 14d0d6c8b4504a60cfeea74775ab2e0164019e65	-
Linux	Linux	4.18	-

II. Public POCs for CVE-2026-43302

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-43302

请登录查看更多情报信息。

Same Patch Batch · Linux · 2026-05-08 · 199 CVEs total

CVE-2026-43304	9.8 CRITICAL	libceph: define and enforce CEPH_MAX_KEY_LEN
CVE-2026-43341	9.8 CRITICAL	net/ipv6: ioam6: prevent schema length wraparound in trace fill
CVE-2026-43376	9.8 CRITICAL	ksmbd: fix use-after-free by using call_rcu() for oplock_info
CVE-2026-43379	9.8 CRITICAL	ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close()
CVE-2026-43384	9.8 CRITICAL	net/tcp-ao: Fix MAC comparison to be constant-time
CVE-2026-43465	9.8 CRITICAL	net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ
CVE-2026-43402	9.8 CRITICAL	kthread: consolidate kthread exit paths to prevent use-after-free
CVE-2026-43414	9.8 CRITICAL	scsi: qla2xxx: Completely fix fcport double free
CVE-2026-43383	9.4 CRITICAL	net/tcp-md5: Fix MAC comparison to be constant-time
CVE-2026-43406	9.1 CRITICAL	libceph: prevent potential out-of-bounds reads in process_message_header()
CVE-2026-43407	9.1 CRITICAL	libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()
CVE-2026-43284	8.8 HIGH	xfrm: esp: avoid in-place decrypt on shared skb frags
CVE-2026-43322	8.8 HIGH	Bluetooth: hci_sync: Fix UAF in le_read_features_complete
CVE-2026-43334	8.8 HIGH	Bluetooth: SMP: force responder MITM requirements before building the pairing response
CVE-2026-43391	8.8 HIGH	nsfs: tighten permission checks for handle opening
CVE-2026-43403	8.8 HIGH	nsfs: tighten permission checks for ns iteration ioctls
CVE-2026-43291	8.3 HIGH	net: nfc: nci: Fix parameter validation for packet data
CVE-2026-43466	8.2 HIGH	net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery
CVE-2026-43452	8.2 HIGH	netfilter: x_tables: guard option walkers against 1-byte tail reads
CVE-2026-43365	8.2 HIGH	xfs: fix undersized l_iclog_roundoff values

Showing top 20 of 199 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2026-43302

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-43302— drm/v3d: Set DMA segment size to avoid debug warnings

I. Basic Information for CVE-2026-43302

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-43302

III. Intelligence Information for CVE-2026-43302

Same Patch Batch · Linux · 2026-05-08 · 199 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-43302

Leave a comment