Skip to main content

Linux Kernel EUVDEUVD-2026-28752

| CVE-2026-43446 MEDIUM
Improper Locking (CWE-667)
2026-05-08 Linux GHSA-cqh4-jv7g-jr53
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 21, 2026 - 17:07 vuln.today
CVSS changed
May 21, 2026 - 17:07 NVD
5.5 (MEDIUM)
Patch available
May 08, 2026 - 16:18 EUVD
CVE Published
May 08, 2026 - 14:22 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Fix runtime suspend deadlock when there is pending job

The runtime suspend callback drains the running job workqueue before suspending the device. If a job is still executing and calls pm_runtime_resume_and_get(), it can deadlock with the runtime suspend path.

Fix this by moving pm_runtime_resume_and_get() from the job execution routine to the job submission routine, ensuring the device is resumed before the job is queued and avoiding the deadlock during runtime suspend.

AnalysisAI

Deadlock in the Linux kernel's AMD XDna accelerator driver (accel/amdxdna) causes a local denial-of-service by hanging the runtime power management subsystem. An authenticated local user who triggers job execution on the AMD XDna accelerator while the system simultaneously attempts a runtime suspend can lock the kernel indefinitely. No active exploitation is confirmed and no public exploit code has been identified at time of analysis; the EPSS score of 0.02% (5th percentile) corroborates low exploitation probability.

Technical ContextAI

The affected component is the accel/amdxdna subsystem in the Linux kernel, which manages AMD's XDna neural processing accelerator hardware. The root cause is CWE-667 (Improper Locking): the runtime suspend callback is designed to drain the running job workqueue before suspending the device, but if an active job calls pm_runtime_resume_and_get() - a power-management function that itself requires the runtime PM lock - a circular wait condition (deadlock) results. The fix relocates pm_runtime_resume_and_get() from the job execution path to the job submission path, ensuring the device is fully resumed before the job enters the queue, thereby eliminating the locking contention. CPE data identifies the affected product as cpe:2.3:a:linux:linux in the 6.19.x and pre-7.0 kernel branches, confirmed by EUVD-2026-28752.

RemediationAI

The vendor-released patches are available in Linux 6.19.9 and Linux 7.0; administrators running affected 6.19.x kernels should upgrade to 6.19.9 or later, and those on mainline development branches should apply the fix commit 6b13cb8f48a42ddf6dd98865b673a82e37ff238b. Patch commits are accessible at https://git.kernel.org/stable/c/ac72e7385a2c7533dd766de4197134d96230be85 (stable 6.19 branch) and https://git.kernel.org/stable/c/6b13cb8f48a42ddf6dd98865b673a82e37ff238b (mainline). As a compensating control where patching is immediately impractical, administrators can unload or blacklist the amdxdna kernel module (modprobe -r amdxdna; echo 'blacklist amdxdna' >> /etc/modprobe.d/blacklist.conf), which disables AMD XDna accelerator functionality entirely - acceptable on systems where NPU workloads are non-critical. Alternatively, disabling kernel runtime power management for the affected device via the sysfs power/control interface (echo 'on' > /sys/bus/pci/devices/<BDF>/power/control) prevents the runtime suspend path from being entered, eliminating the deadlock trigger at the cost of increased idle power consumption.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-28752 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy