CVE-2026-43446 - Vulnerability Details

- accel/amdxdna: Fix runtime suspend deadlock when there is pending job

Description

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Fix runtime suspend deadlock when there is pending job

The runtime suspend callback drains the running job workqueue before
suspending the device. If a job is still executing and calls
pm_runtime_resume_and_get(), it can deadlock with the runtime suspend
path.

Fix this by moving pm_runtime_resume_and_get() from the job execution
routine to the job submission routine, ensuring the device is resumed
before the job is queued and avoiding the deadlock during runtime
suspend.

Published: 2026-05-08

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability is a concurrency defect in the Linux kernel’s AMD X‑DNA accelerator driver. The runtime suspend callback drains the job workqueue before suspending the device. If a job that is still executing calls pm_runtime_resume_and_get(), it may re‑enter the suspend path and deadlock with the runtime suspend code. The deadlock prevents the device from completing suspend or resume operations, halting workloads that rely on the accelerator. The weakness is captured by CWE‑367 (Deadlock).

Affected Systems

All Linux kernel releases containing the AMD X‑DNA driver before the application of commit 6b13cb8f48a42ddf6dd98865b673a82e37ff238b are affected. This covers every mainline kernel shipped with the driver code preceding that commit. The flaw applies only to systems that have an AMD X‑DNA accelerator and the associated driver installed.

Risk and Exploitability

EPSS data indicates a low probability of exploitation, with a score of less than 1%. Based on the description, it is inferred that an attacker would need the ability to submit jobs to the device, which typically requires local or privileged access. With such access, the attacker could trigger the deadlock during a runtime suspend, causing a local denial of service against the device and any workloads that depend on it. The vulnerability is not listed in the CISA KEV catalog, and no remote execution or data exfiltration is possible from this issue.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`063db451832b8849faf1b0b8404b3a6a39995b29`	affected	< ac72e7385a2c7533dd766de4197134d96230be85
`063db451832b8849faf1b0b8404b3a6a39995b29`	affected	< 6b13cb8f48a42ddf6dd98865b673a82e37ff238b

Linux

affected

Version	Status	Constraints
`6.19`	affected	—
`0`	unaffected	< 6.19
`6.19.9`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc1::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc2::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc3::::::

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[063db451832b8849faf1b0b8404b3a6a39995b29,ac72e7385a2c7533dd766de4197134d96230be85)`	affected	code_commit	—
`[063db451832b8849faf1b0b8404b3a6a39995b29,6b13cb8f48a42ddf6dd98865b673a82e37ff238b)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.19`	affected	generic	—
`[0,6.19)`	unaffected	generic	—
`[6.19.9,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade the kernel to a version that includes commit 6b13cb8f48a42ddf6dd98865b673a82e37ff238b or a later release, ensuring the driver contains the reordered pm_runtime_resume_and_get() call.
If a patched kernel is not immediately available, cherry‑pick the patch from the commit into your current kernel source, rebuild the kernel, and reboot so that the updated driver module is loaded.
As a temporary workaround, disable runtime autosuspend for the AMD X‑DNA device or unload the driver entirely until the patch is applied.

Generated by OpenCVE AI on May 21, 2026 at 19:08 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00016.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/6b13cb8f48a42ddf6dd98865b673a82e37ff238b
https://git.kernel.org/stable/c/ac72e7385a2c7533dd766de4197134d96230be85
https://lore.kernel.org/linux-cve-announce/2026050856-CVE-2026-43446-5b42@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-43446
https://www.cve.org/CVERecord?id=CVE-2026-43446

History

Thu, 21 May 2026 17:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-667
CPEs		cpe:2.3:o:linux:linux_kernel:7.0:rc1:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc2:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc3::::::
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Sat, 09 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-417

Sat, 09 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-367
References		https://lore.kernel.org/linux-cve-announce/2026050856-CVE-2026-43446-5b42@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-43446 https://www.cve.org/CVERecord?id=CVE-2026-43446

Fri, 08 May 2026 20:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-417

Fri, 08 May 2026 14:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workqueue before suspending the device. If a job is still executing and calls pm_runtime_resume_and_get(), it can deadlock with the runtime suspend path. Fix this by moving pm_runtime_resume_and_get() from the job execution routine to the job submission routine, ensuring the device is resumed before the job is queued and avoiding the deadlock during runtime suspend.
Title		accel/amdxdna: Fix runtime suspend deadlock when there is pending job
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/6b13cb8f48a42ddf6dd98865b673a82e37ff238b https://git.kernel.org/stable/c/ac72e7385a2c7533dd766de4197134d96230be85

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-08T14:22:13.328Z

Updated: 2026-05-11T22:24:44.896Z

Reserved: 2026-05-01T14:12:56.010Z

Link: CVE-2026-43446

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2026-05-08T15:16:57.113

Modified: 2026-05-21T17:03:45.157

Link: CVE-2026-43446

Redhat

Severity :

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43446 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-21T19:15:20Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object