Description
In the Linux kernel, the following vulnerability has been resolved:

pmdomain: core: Fix detach procedure for virtual devices in genpd

If a device is attached to a PM domain through genpd_dev_pm_attach_by_id(),
genpd calls pm_runtime_enable() for the corresponding virtual device that
it registers. While this avoids boilerplate code in drivers, there is no
corresponding call to pm_runtime_disable() in genpd_dev_pm_detach().

This means these virtual devices are typically detached from its genpd,
while runtime PM remains enabled for them, which is not how things are
designed to work. In worst cases it may lead to critical errors, like a
NULL pointer dereference bug in genpd_runtime_suspend(), which was recently
reported. For another case, we may end up keeping an unnecessary vote for a
performance state for the device.

To fix these problems, let's add this missing call to pm_runtime_disable()
in genpd_dev_pm_detach().
Published: 2026-06-08
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A missing call to pm_runtime_disable when a virtual device is detached in the Linux kernel core genpd subsystem can leave runtime power management enabled for a device that no longer exists. This oversight may trigger a null pointer dereference during genpd_runtime_suspend or keep an unnecessary vote for a performance state, both of which can cause the kernel to crash. The impact is the loss of system stability and availability.

Affected Systems

The flaw applies to all Linux kernel releases that contain the genpd_dev_pm_attach_by_id and genpd_dev_pm_detach functions without the disabling logic. In the absence of the corrective commit, any kernel that has not been updated will expose the behavior. No specific distribution is singled out; any Linux kernel build is potentially affected until the patch is applied.

Risk and Exploitability

The CVSS score of 5.5 indicates a moderate severity, and the EPSS score is not available, so the likelihood of exploitation cannot be quantified. The vulnerability is not listed in the CISA KEV catalog, indicating that no public exploits have been reported to date. Because the bug involves kernel space code, an attacker would need local access or a way to trigger device attach/detach operations to exploit it. The potential consequence remains high only if the crash or performance state mismanagement is invoked.

Generated by OpenCVE AI on June 9, 2026 at 02:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a Linux kernel update that includes the genpd_dev_pm_detach patch
  • If a kernel update is not immediately possible, limit the use of virtual devices that rely on the genpd_attach_by_id interface, or disable runtime power management for those devices until the fix is deployed
  • Ensure that any custom or legacy drivers that use genpd_dev_pm_attach_by_id also include matching detach calls or are updated to the patched kernel logic

Generated by OpenCVE AI on June 9, 2026 at 02:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 01:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Tue, 09 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low

Mon, 08 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Mon, 08 Jun 2026 17:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: pmdomain: core: Fix detach procedure for virtual devices in genpd If a device is attached to a PM domain through genpd_dev_pm_attach_by_id(), genpd calls pm_runtime_enable() for the corresponding virtual device that it registers. While this avoids boilerplate code in drivers, there is no corresponding call to pm_runtime_disable() in genpd_dev_pm_detach(). This means these virtual devices are typically detached from its genpd, while runtime PM remains enabled for them, which is not how things are designed to work. In worst cases it may lead to critical errors, like a NULL pointer dereference bug in genpd_runtime_suspend(), which was recently reported. For another case, we may end up keeping an unnecessary vote for a performance state for the device. To fix these problems, let's add this missing call to pm_runtime_disable() in genpd_dev_pm_detach().
Title pmdomain: core: Fix detach procedure for virtual devices in genpd
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-08T15:46:19.431Z

Reserved: 2026-05-13T15:03:33.110Z

Link: CVE-2026-46292

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-08T17:16:47.497

Modified: 2026-06-08T17:16:47.497

Link: CVE-2026-46292

cve-icon Redhat

Severity : Low

Publid Date: 2026-06-08T00:00:00Z

Links: CVE-2026-46292 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T02:30:26Z

Weaknesses