{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23295", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.993Z", "datePublished": "2026-03-25T10:26:52.789Z", "dateUpdated": "2026-03-25T10:26:52.789Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-25T10:26:52.789Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Fix dead lock for suspend and resume\n\nWhen an application issues a query IOCTL while auto suspend is running,\na deadlock can occur. The query path holds dev_lock and then calls\npm_runtime_resume_and_get(), which waits for the ongoing suspend to\ncomplete. Meanwhile, the suspend callback attempts to acquire dev_lock\nand blocks, resulting in a deadlock.\n\nFix this by releasing dev_lock before calling pm_runtime_resume_and_get()\nand reacquiring it after the call completes. Also acquire dev_lock in the\nresume callback to keep the locking consistent."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/aie2_ctx.c", "drivers/accel/amdxdna/aie2_pci.c", "drivers/accel/amdxdna/aie2_pm.c", "drivers/accel/amdxdna/amdxdna_ctx.c", "drivers/accel/amdxdna/amdxdna_pm.c", "drivers/accel/amdxdna/amdxdna_pm.h"], "versions": [{"version": "063db451832b8849faf1b0b8404b3a6a39995b29", "lessThan": "ac24537478dd8eb2fd3984b4652bb19461e5e74c", "status": "affected", "versionType": "git"}, {"version": "063db451832b8849faf1b0b8404b3a6a39995b29", "lessThan": "1aa82181a3c285c7351523d587f7981ae4c015c8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/aie2_ctx.c", "drivers/accel/amdxdna/aie2_pci.c", "drivers/accel/amdxdna/aie2_pm.c", "drivers/accel/amdxdna/amdxdna_ctx.c", "drivers/accel/amdxdna/amdxdna_pm.c", "drivers/accel/amdxdna/amdxdna_pm.h"], "versions": [{"version": "6.19", "status": "affected"}, {"version": "0", "lessThan": "6.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "7.0-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/ac24537478dd8eb2fd3984b4652bb19461e5e74c"}, {"url": "https://git.kernel.org/stable/c/1aa82181a3c285c7351523d587f7981ae4c015c8"}], "title": "accel/amdxdna: Fix dead lock for suspend and resume", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Fix dead lock for suspend and resume\n\nWhen an application issues a query IOCTL while auto suspend is running,\na deadlock can occur. The query path holds dev_lock and then calls\npm_runtime_resume_and_get(), which waits for the ongoing suspend to\ncomplete. Meanwhile, the suspend callback attempts to acquire dev_lock\nand blocks, resulting in a deadlock.\n\nFix this by releasing dev_lock before calling pm_runtime_resume_and_get()\nand reacquiring it after the call completes. Also acquire dev_lock in the\nresume callback to keep the locking consistent."}], "id": "CVE-2026-23295", "lastModified": "2026-03-25T15:41:33.977", "metrics": {}, "published": "2026-03-25T11:16:24.853", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1aa82181a3c285c7351523d587f7981ae4c015c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ac24537478dd8eb2fd3984b4652bb19461e5e74c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: accel/amdxdna: Fix dead lock for suspend and resume", "id": "2451207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451207"}, "csaw": false, "cwe": "CWE-413", "details": ["A flaw was found in the Linux kernel's accel/amdxdna driver. A local application can trigger a deadlock by issuing a query IOCTL (Input/Output Control) while the system's auto suspend feature is active. This can lead to a Denial of Service (DoS), making the system unresponsive."], "name": "CVE-2026-23295", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23295\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23295\nhttps://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23295-59d2@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[063db451832b8849faf1b0b8404b3a6a39995b29,ac24537478dd8eb2fd3984b4652bb19461e5e74c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[063db451832b8849faf1b0b8404b3a6a39995b29,1aa82181a3c285c7351523d587f7981ae4c015c8)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.19"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.19)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.7,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0-rc2,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-03-26T05:36:15.889242+00:00", "value": {"mitigation_remediation": ["Update the Linux kernel to a version that includes the accel/amdxdna deadlock fix."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability resides in the accel/amdxdna module of the Linux kernel. All kernel releases containing this module before the commit that releases the device lock prior to runtime resume are at risk. No specific version list is provided, so any unpatched kernel is considered vulnerable.", "description_and_impact": "An application that sends a query IOCTL to the accel/amdxdna driver while the kernel is performing an auto\u2011suspend can trigger a deadlock. The IOCTL handler holds the device lock and then calls pm_runtime_resume_and_get(), waiting for the suspend to finish. Meanwhile, the suspend callback attempts to acquire the same device lock and blocks, creating a circular wait. This flaw, categorized as CWE-413 (Resource Management) and CWE-668 (Race Condition), can freeze the kernel and make the system unresponsive.", "risk_and_exploitability": "The EPSS score is below 1% and the vulnerability is not listed in CISA\u2019s KEV catalog, suggesting a low likelihood of exploitation. The attack vector is inferred as local: an attacker with the ability to issue IOCTLs to the device while it is auto\u2011suspended can trigger the deadlock. The impact is a denial of service that may halt both the module and the wider system, but it does not provide code execution or data exfiltration."}}}}, "created": "2026-03-25T21:15:35.306910+00:00", "updated": "2026-03-26T12:17:01.144321+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}