{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23295", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.993Z", "datePublished": "2026-03-25T10:26:52.789Z", "dateUpdated": "2026-05-11T22:04:07.249Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:04:07.249Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Fix dead lock for suspend and resume\n\nWhen an application issues a query IOCTL while auto suspend is running,\na deadlock can occur. The query path holds dev_lock and then calls\npm_runtime_resume_and_get(), which waits for the ongoing suspend to\ncomplete. Meanwhile, the suspend callback attempts to acquire dev_lock\nand blocks, resulting in a deadlock.\n\nFix this by releasing dev_lock before calling pm_runtime_resume_and_get()\nand reacquiring it after the call completes. Also acquire dev_lock in the\nresume callback to keep the locking consistent."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/aie2_ctx.c", "drivers/accel/amdxdna/aie2_pci.c", "drivers/accel/amdxdna/aie2_pm.c", "drivers/accel/amdxdna/amdxdna_ctx.c", "drivers/accel/amdxdna/amdxdna_pm.c", "drivers/accel/amdxdna/amdxdna_pm.h"], "versions": [{"version": "063db451832b8849faf1b0b8404b3a6a39995b29", "lessThan": "ac24537478dd8eb2fd3984b4652bb19461e5e74c", "status": "affected", "versionType": "git"}, {"version": "063db451832b8849faf1b0b8404b3a6a39995b29", "lessThan": "1aa82181a3c285c7351523d587f7981ae4c015c8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/aie2_ctx.c", "drivers/accel/amdxdna/aie2_pci.c", "drivers/accel/amdxdna/aie2_pm.c", "drivers/accel/amdxdna/amdxdna_ctx.c", "drivers/accel/amdxdna/amdxdna_pm.c", "drivers/accel/amdxdna/amdxdna_pm.h"], "versions": [{"version": "6.19", "status": "affected"}, {"version": "0", "lessThan": "6.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/ac24537478dd8eb2fd3984b4652bb19461e5e74c"}, {"url": "https://git.kernel.org/stable/c/1aa82181a3c285c7351523d587f7981ae4c015c8"}], "title": "accel/amdxdna: Fix dead lock for suspend and resume", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Fix dead lock for suspend and resume\n\nWhen an application issues a query IOCTL while auto suspend is running,\na deadlock can occur. The query path holds dev_lock and then calls\npm_runtime_resume_and_get(), which waits for the ongoing suspend to\ncomplete. Meanwhile, the suspend callback attempts to acquire dev_lock\nand blocks, resulting in a deadlock.\n\nFix this by releasing dev_lock before calling pm_runtime_resume_and_get()\nand reacquiring it after the call completes. Also acquire dev_lock in the\nresume callback to keep the locking consistent."}], "id": "CVE-2026-23295", "lastModified": "2026-03-25T15:41:33.977", "metrics": {}, "published": "2026-03-25T11:16:24.853", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1aa82181a3c285c7351523d587f7981ae4c015c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ac24537478dd8eb2fd3984b4652bb19461e5e74c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: accel/amdxdna: Fix dead lock for suspend and resume", "id": "2451207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451207"}, "csaw": false, "cwe": "CWE-413", "details": ["A flaw was found in the Linux kernel's accel/amdxdna driver. A local application can trigger a deadlock by issuing a query IOCTL (Input/Output Control) while the system's auto suspend feature is active. This can lead to a Denial of Service (DoS), making the system unresponsive."], "name": "CVE-2026-23295", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23295\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23295\nhttps://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23295-59d2@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[063db451832b8849faf1b0b8404b3a6a39995b29,ac24537478dd8eb2fd3984b4652bb19461e5e74c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[063db451832b8849faf1b0b8404b3a6a39995b29,1aa82181a3c285c7351523d587f7981ae4c015c8)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.19"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.19)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.7,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0-rc2,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-03-26T14:06:44.649030+00:00", "value": {"mitigation_remediation": ["Verify the kernel version and confirm whether the accel/amdxdna driver is present.", "Install the latest kernel update that contains the fix for CVE\u20112026\u201123295.", "If an update is not immediately available, consider disabling auto\u2011suspend for the affected device as a temporary measure.", "Reboot the system to clear any pending suspension states."], "summary": {"action": "Apply patch", "impact": "Denial of Service through deadlock affecting system stability and device availability"}, "threat_synthesis": {"affected_systems": "Affected systems are all Linux distributions running a kernel that includes the accel/amdxdna driver before the fix. The advisory lists the generic Linux kernel CPE and does not narrow to specific releases, meaning any kernel with this component is vulnerable until the patch is applied. Administrators of Linux servers, workstations, or embedded devices should verify whether their kernel contains this driver and whether a patched version is available.", "description_and_impact": "The flaw resides in the AMD DNA accelerator driver within the Linux kernel. An application that issues a query IOCTL while the kernel is performing an auto\u2011suspend can cause a deadlock. The driver holds a device lock and then requests a runtime resume, but the suspend routine also needs that lock. Because each side waits for the other, the system stalls. This results in a denial of service: the affected device and potentially the entire system become unresponsive when the device is queried during suspend. The weakness corresponds to the locking misuse identified by CWE\u2011413.", "risk_and_exploitability": "The CVSS score is not supplied, but the EPSS indicates less than 1\u202f% probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The attack requires local execution: an attacker must be able to run code that can send the IOCTL to the device while the kernel is suspending. While this suggests a limited attack surface, a compromised or malicious application could trigger the deadlock, especially on systems that rely on power\u2011management features. The availability impact is immediate once the deadlock occurs, and no privilege escalation is required."}}}}, "created": "2026-03-25T21:15:35.306910+00:00", "updated": "2026-03-27T09:50:11.332795+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}