{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23295", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.993Z", "datePublished": "2026-03-25T10:26:52.789Z", "dateUpdated": "2026-03-25T10:26:52.789Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-25T10:26:52.789Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Fix dead lock for suspend and resume\n\nWhen an application issues a query IOCTL while auto suspend is running,\na deadlock can occur. The query path holds dev_lock and then calls\npm_runtime_resume_and_get(), which waits for the ongoing suspend to\ncomplete. Meanwhile, the suspend callback attempts to acquire dev_lock\nand blocks, resulting in a deadlock.\n\nFix this by releasing dev_lock before calling pm_runtime_resume_and_get()\nand reacquiring it after the call completes. Also acquire dev_lock in the\nresume callback to keep the locking consistent."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/aie2_ctx.c", "drivers/accel/amdxdna/aie2_pci.c", "drivers/accel/amdxdna/aie2_pm.c", "drivers/accel/amdxdna/amdxdna_ctx.c", "drivers/accel/amdxdna/amdxdna_pm.c", "drivers/accel/amdxdna/amdxdna_pm.h"], "versions": [{"version": "063db451832b8849faf1b0b8404b3a6a39995b29", "lessThan": "ac24537478dd8eb2fd3984b4652bb19461e5e74c", "status": "affected", "versionType": "git"}, {"version": "063db451832b8849faf1b0b8404b3a6a39995b29", "lessThan": "1aa82181a3c285c7351523d587f7981ae4c015c8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/aie2_ctx.c", "drivers/accel/amdxdna/aie2_pci.c", "drivers/accel/amdxdna/aie2_pm.c", "drivers/accel/amdxdna/amdxdna_ctx.c", "drivers/accel/amdxdna/amdxdna_pm.c", "drivers/accel/amdxdna/amdxdna_pm.h"], "versions": [{"version": "6.19", "status": "affected"}, {"version": "0", "lessThan": "6.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "7.0-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/ac24537478dd8eb2fd3984b4652bb19461e5e74c"}, {"url": "https://git.kernel.org/stable/c/1aa82181a3c285c7351523d587f7981ae4c015c8"}], "title": "accel/amdxdna: Fix dead lock for suspend and resume", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Fix dead lock for suspend and resume\n\nWhen an application issues a query IOCTL while auto suspend is running,\na deadlock can occur. The query path holds dev_lock and then calls\npm_runtime_resume_and_get(), which waits for the ongoing suspend to\ncomplete. Meanwhile, the suspend callback attempts to acquire dev_lock\nand blocks, resulting in a deadlock.\n\nFix this by releasing dev_lock before calling pm_runtime_resume_and_get()\nand reacquiring it after the call completes. Also acquire dev_lock in the\nresume callback to keep the locking consistent."}], "id": "CVE-2026-23295", "lastModified": "2026-03-25T15:41:33.977", "metrics": {}, "published": "2026-03-25T11:16:24.853", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1aa82181a3c285c7351523d587f7981ae4c015c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ac24537478dd8eb2fd3984b4652bb19461e5e74c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: accel/amdxdna: Fix dead lock for suspend and resume", "id": "2451207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451207"}, "csaw": false, "cwe": "CWE-413", "details": ["A flaw was found in the Linux kernel's accel/amdxdna driver. A local application can trigger a deadlock by issuing a query IOCTL (Input/Output Control) while the system's auto suspend feature is active. This can lead to a Denial of Service (DoS), making the system unresponsive."], "name": "CVE-2026-23295", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23295\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23295\nhttps://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23295-59d2@gregkh/T"]}

{"analysis": {"en": {"generated_at": "2026-03-25T12:29:27.153948+00:00", "value": {"mitigation_remediation": ["Apply a kernel that includes commit 1aa82181a3c285c7351523d587f7981ae4c015c8 or later", "Verify that device suspend/resume cycles complete successfully after updating the kernel", "Check your distribution\u2019s update repository for kernel patches that incorporate the fix"], "summary": {"action": "Patch Immediately", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "This flaw affects any Linux kernel that contains the accel/amdxdna driver before the commit that released dev_lock before resuming. The fix was introduced in commit 1aa82181a3c285c7351523d587f7981ae4c015c8, so kernels older than that or those that have not merged the patch are vulnerable. Distributions that shipped the mainline kernel before the patch or have not applied vendor updates remain at risk.", "description_and_impact": "The AMD DNA accelerator driver in the Linux kernel contains a deadlock bug. An application that issues an IOCTL while the device is in automatic runtime suspension holds the device lock and then calls pm_runtime_resume_and_get(), waiting for the suspend to finish. During that wait, the suspend callback tries to acquire the same lock and blocks, producing an indeterminate deadlock. The resulting lock contention can freeze the device and, since the driver runs in kernel space, may stall scheduling and cause a system hang. The weakness is a classic deadlock condition, classified by CWE\u2010668.", "risk_and_exploitability": "No CVSS or EPSS score is provided, so the exact severity and exploitation probability cannot be quantified. The attack requires the ability to execute a privileged IOCTL against the accelerator driver, which suggests a local attacker with sufficient privileges or a compromised process can trigger the deadlock. The flaw is not listed in the CISA KEV catalog. If triggered, the deadlock can halt device operation and potentially stall the entire system, making the denial of service impactful from a reliability standpoint."}}}}, "created": "2026-03-25T21:15:35.306910+00:00", "updated": "2026-03-25T21:15:35.306945+00:00", "vendors": [], "weaknesses": ["CWE-668"]}