Skip to main content

Linux Kernel CVE-2026-43311

| EUVDEUVD-2026-28581 MEDIUM
2026-05-08 Linux GHSA-5vxj-rjpg-8mhr
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 15, 2026 - 20:15 vuln.today
CVSS changed
May 15, 2026 - 18:07 NVD
5.5 (MEDIUM)
Patch available
May 08, 2026 - 14:33 EUVD
CVE Published
May 08, 2026 - 13:11 nvd
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

soc/tegra: pmc: Fix unsafe generic_handle_irq() call

Currently, when resuming from system suspend on Tegra platforms, the following warning is observed:

WARNING: CPU: 0 PID: 14459 at kernel/irq/irqdesc.c:666 Call trace: handle_irq_desc+0x20/0x58 (P) tegra186_pmc_wake_syscore_resume+0xe4/0x15c syscore_resume+0x3c/0xb8 suspend_devices_and_enter+0x510/0x540 pm_suspend+0x16c/0x1d8

The warning occurs because generic_handle_irq() is being called from a non-interrupt context which is considered as unsafe.

Fix this warning by deferring generic_handle_irq() call to an IRQ work which gets executed in hard IRQ context where generic_handle_irq() can be called safely.

When PREEMPT_RT kernels are used, regular IRQ work (initialized with init_irq_work) is deferred to run in per-CPU kthreads in preemptible context rather than hard IRQ context. Hence, use the IRQ_WORK_INIT_HARD variant so that with PREEMPT_RT kernels, the IRQ work is processed in hardirq context instead of being deferred to a thread which is required for calling generic_handle_irq().

On non-PREEMPT_RT kernels, both init_irq_work() and IRQ_WORK_INIT_HARD() execute in IRQ context, so this change has no functional impact for standard kernel configurations.

[treding@nvidia.com: miscellaneous cleanups]

AnalysisAI

Linux kernel's Tegra PMC driver can trigger kernel warnings and potential denial of service during system resume by calling generic_handle_irq() from non-interrupt context. Affects Tegra186 and later platforms running Linux kernel versions prior to 6.19.6 and 7.0. CVSS 5.5 indicates local low-complexity exploitation requiring authenticated access. EPSS score of 0.02% (5th percentile) suggests minimal observed exploitation activity. Vendor patches available via stable kernel tree commits.

Technical ContextAI

The vulnerability resides in the Tegra PMC (Power Management Controller) driver's system suspend/resume infrastructure (soc/tegra/pmc). The tegra186_pmc_wake_syscore_resume() function incorrectly invokes generic_handle_irq() directly from syscore_resume context, which executes in process context during system resume operations. The kernel's IRQ descriptor handling code (kernel/irq/irqdesc.c:666) explicitly validates execution context and generates warnings when generic_handle_irq() is called outside hard IRQ context, as this violates IRQ handling safety invariants. On PREEMPT_RT configurations, the safety violation becomes more severe since regular IRQ work executes in preemptible kthreads rather than hardirq context. The fix defers IRQ handling to IRQ work infrastructure using IRQ_WORK_INIT_HARD to guarantee hard IRQ context execution across both standard and PREEMPT_RT kernel builds. This affects Nvidia Tegra186/194/234 SoC platforms which are ARM64-based systems commonly used in automotive and embedded applications.

RemediationAI

Upgrade to Linux kernel version 6.19.6 or 7.0 or later, which contain vendor-released patches (upstream commits e6d96073af681780820c94079b978474a8a44413 and 64016227dcdb968b7030eda04304f3d0df5d209d available at https://git.kernel.org/stable/). For systems unable to upgrade immediately, apply compensating controls: disable suspend/resume functionality via kernel command line parameter 'no_console_suspend' or systemd sleep configuration to prevent execution of vulnerable code path (trade-off: loss of power management features increases energy consumption). On PREEMPT_RT kernels specifically, ensure IRQ threading is properly configured to isolate IRQ context violations. For embedded systems with custom kernel builds, backport the two-commit fix series which refactors tegra186_pmc_wake_syscore_resume to use init_irq_work with IRQ_WORK_INIT_HARD flag. Compensating controls significantly impact power efficiency and are unsuitable for battery-powered or automotive applications requiring suspend/resume. Long-term mitigation requires kernel upgrade to stable release incorporating vendor fix.

More in Nvidia

View all
CVE-2016-1741 CRITICAL POC
9.8 Mar 24

The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary c

CVE-2013-0109 HIGH POC
7.2 Apr 08

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not

CVE-2019-5684 CRITICAL POC
10.0 Aug 06

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially craft

CVE-2026-24207 CRITICAL POC
9.8 May 20

Authentication bypass in NVIDIA Triton Inference Server allows unauthenticated remote attackers to reach protected funct

CVE-2019-5685 CRITICAL POC
9.8 Aug 06

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially craft

CVE-2025-23359 HIGH POC
8.3 Feb 12

NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default co

CVE-2016-8812 HIGH POC
8.8 Nov 08

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before G

CVE-2016-1861 HIGH POC
7.8 Jun 19

The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privi

CVE-2024-0132 HIGH POC
8.3 Sep 26

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with de

CVE-2016-1846 HIGH POC
7.8 May 20

The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows a

CVE-2015-7865 HIGH POC
7.7 Nov 24

nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before

CVE-2016-8811 HIGH POC
7.8 Nov 08

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 3

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-43311 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy