Description
In the Linux kernel, the following vulnerability has been resolved:

net: ipa: fix event ring index not programmed for IPA v5.0+

For IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to
CH_C_CNTXT_1. The v5.0 register definition intended to define this
field in the CH_C_CNTXT_1 fmask array but used the old identifier of
ERINDEX instead of CH_ERINDEX.

Without a valid event ring, GSI channels could never signal transfer
completions. This caused gsi_channel_trans_quiesce() to block
forever in wait_for_completion().

At least for IPA v5.2 this resolves an issue seen where runtime
suspend, system suspend, and remoteproc stop all hanged forever. It
also meant the IPA data path was completely non functional.
Published: 2026-05-08
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A kernel bug in the IPA driver caused the event ring index field to remain unprogrammed for IPA controllers of version 5.0 and higher. Because the index was not set, GSI channels could not signal transfer completions, and the kernel function gsi_channel_trans_quiesce() would wait forever for a bounce that never arrived. This manifests as a system hang during runtime suspend, system suspend, or remoteproc stop operations, effectively disabling IPA‑based data paths.

Affected Systems

The flaw exists in the Linux kernel’s IPA driver for any distribution that ships a kernel version lacking the fix. All implementations that support IPA controllers v5.0 or later are potentially affected until the code is updated to program the correct CH_ERINDEX field.

Risk and Exploitability

The vulnerability is an internal kernel defect that can lead to a system hang when running certain operations such as runtime suspend, system suspend, or remoteproc stop. No public exploit is known. Based on the description, it is inferred that an attacker with local or privileged access who can trigger these operations could induce a denial‑of‑service state. The CVSS score of 5.5 indicates moderate impact. With EPSS not available and not listed in KEV, the likelihood of exploitation is uncertain but can arise if such conditions are met.

Generated by OpenCVE AI on May 9, 2026 at 02:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the IPA driver fix
  • Avoid operations that trigger runtime suspend, system suspend, or remoteproc stop while the vulnerability remains
  • If an up‑to‑date kernel is not available, backport the patch from the kernel.org commit history and apply it to your kernel

Generated by OpenCVE AI on May 9, 2026 at 02:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 09 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1285
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Fri, 08 May 2026 14:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to CH_C_CNTXT_1. The v5.0 register definition intended to define this field in the CH_C_CNTXT_1 fmask array but used the old identifier of ERINDEX instead of CH_ERINDEX. Without a valid event ring, GSI channels could never signal transfer completions. This caused gsi_channel_trans_quiesce() to block forever in wait_for_completion(). At least for IPA v5.2 this resolves an issue seen where runtime suspend, system suspend, and remoteproc stop all hanged forever. It also meant the IPA data path was completely non functional.
Title net: ipa: fix event ring index not programmed for IPA v5.0+
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-08T13:39:31.222Z

Reserved: 2026-05-01T14:12:56.003Z

Link: CVE-2026-43345

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-08T14:16:44.547

Modified: 2026-05-08T14:16:44.547

Link: CVE-2026-43345

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43345 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-09T03:00:11Z

Weaknesses