Description
In the Linux kernel, the following vulnerability has been resolved:

Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend"

This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6.

The idle-skip optimization bypasses GuC suspend, so the GPU may not
perform the context switch that flushes TLB entries for invalidated
userptr VMAs. In LR/preempt-fence VM mode, this can lead to missed TLB
invalidation and page faults during userptr invalidation tests.

Restore unconditional schedule toggling on suspend so the context-switch
TLB flush is always performed.

This optimization will be reintroduced with a fix that does not skip
suspend in LR/preempt-fence VM mode.

(cherry picked from commit 6a1e7934d9a6cf46aecae00a99c2603d1295e170)
Published: 2026-06-25
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arose when the DRM Xe code omitted the schedule toggle that forces a GPU context switch during suspend when the execution queue is idle. This bypasses a GuC suspend step that normally flushes Translation Look‑aside Buffers (TLBs) for userptr virtual memory areas that have been invalidated. In systems running the LR/preempt‑fence VM mode, the omitted flush can leave stale TLB entries in place. When userptr pages are later invalidated or accessed, the missing flush can cause page faults that disrupt the kernel's memory handling logic.

Affected Systems

The affected product is the Linux kernel. Any released kernel that contains the commit 8533051ce92015e9cc6f75e0d52119b9d91610b6, its revert, or the keyword ‘drm/xe: Skip exec queue schedule toggle’ is relevant. Because the issue is specific to the LR/preempt‑fence VM execution mode, kernels where this mode is enabled are at higher risk.

Risk and Exploitability

The CVSS score of 7.8 indicates a moderate‑to‑high severity assessment. An EPSS score of < 1% reflects a low probability of exploitation. The flaw is not listed in the CISA KEV catalog, suggesting no publicly documented exploit activity. The primary vulnerability is in system availability: the missing TLB flush can lead to page faults during userptr invalidation, potentially causing service disruptions. An attacker would need sufficient privileges to provoke the fault conditions, so remote exploitation is improbable without local or elevated access.

Generated by OpenCVE AI on June 28, 2026 at 17:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the kernel to a release that includes the revert commit restoring unconditional schedule toggling during suspend, ensuring the required TLB flush occurs.
  • If a kernel update is not possible, disable the LR/preempt‑fence VM mode configuration to eliminate the code path that skips the TLB flush until a later kernel patch is applied.
  • As a temporary fix, manually apply the revert commit to the kernel source tree and rebuild the kernel to restore the TLB flush behavior while awaiting an official update.

Generated by OpenCVE AI on June 28, 2026 at 17:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 00:45:00 +0000


Sun, 28 Jun 2026 17:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-665
CWE-779

Sun, 28 Jun 2026 15:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-400
CWE-401

Sun, 28 Jun 2026 08:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Thu, 25 Jun 2026 13:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-400
CWE-401

Thu, 25 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the context switch that flushes TLB entries for invalidated userptr VMAs. In LR/preempt-fence VM mode, this can lead to missed TLB invalidation and page faults during userptr invalidation tests. Restore unconditional schedule toggling on suspend so the context-switch TLB flush is always performed. This optimization will be reintroduced with a fix that does not skip suspend in LR/preempt-fence VM mode. (cherry picked from commit 6a1e7934d9a6cf46aecae00a99c2603d1295e170)
Title Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend"
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-28T06:40:19.592Z

Reserved: 2026-06-09T07:44:35.391Z

Link: CVE-2026-53201

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity :

Publid Date: 2026-06-25T00:00:00Z

Links: CVE-2026-53201 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-28T17:30:06Z

Weaknesses