CVE-2026-23295Improper Resource Locking in Linux

CWE-413Improper Resource Locking7 documents6 sources
Severity
5.3MEDIUM
No vector
EPSS
0.0%
top 93.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix dead lock for suspend and resume When an application issues a query IOCTL while auto suspend is running, a deadlock can occur. The query path holds dev_lock and then calls pm_runtime_resume_and_get(), which waits for the ongoing suspend to complete. Meanwhile, the suspend callback attempts to acquire dev_lock and blocks, resulting in a deadlock. Fix this by releasing dev_lock before calling pm_runtime_resum

Affected Packages4 packages

Linuxlinux/linux_kernel6.19.06.19.7
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux063db451832b8849faf1b0b8404b3a6a39995b29ac24537478dd8eb2fd3984b4652bb19461e5e74c+2
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
accel/amdxdna: Fix dead lock for suspend and resume2026-03-25
OSV
CVE-2026-23295: In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix dead lock for suspend and resume When an application issues a q2026-03-25
GHSA
GHSA-g6hh-758m-xq4q: In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix dead lock for suspend and resume When an application issues a2026-03-25

📋Vendor Advisories

2
Red Hat
kernel: accel/amdxdna: Fix dead lock for suspend and resume2026-03-25
Debian
CVE-2026-23295: linux - In the Linux kernel, the following vulnerability has been resolved: accel/amdxd...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23295 Impact, Exploitability, and Mitigation Steps | Wiz