Home

Description

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpm_resume" This is caused by aqc111_suspend calling the PM variant of its write_cmd routine. The simplified call trace looks like this: rpm_suspend() usb_suspend_both() - here udev->dev.power.runtime_status == RPM_SUSPENDING aqc111_suspend() - called for the usb device interface aqc111_write32_cmd() usb_autopm_get_interface() pm_runtime_resume_and_get() rpm_resume() - here we call rpm_resume() on our parent rpm_resume() - Here we wait for a status change that will never happen. At this point we block another task which holds rtnl_lock and locks up the whole networking stack. Fix this by replacing the write_cmd calls with their _nopm variants

PUBLISHED Reserved 2026-01-13 | Published 2026-04-03 | Updated 2026-05-11 | Assigner Linux

Product status

Default status
unaffected

e58ba4544c7771591d1e3157bc01b4a8e4d1c3fc (git) before cc06ac99fd78839b2d38850785731ef131d9ae26
affected

e58ba4544c7771591d1e3157bc01b4a8e4d1c3fc (git) before b87f361d41f9a7f1f6c426947ca815651c481376
affected

e58ba4544c7771591d1e3157bc01b4a8e4d1c3fc (git) before 621f2f43741b51f62d767eb4752fbcefe2526926
affected

e58ba4544c7771591d1e3157bc01b4a8e4d1c3fc (git) before 4de6a43e8ecf961feabddf0e9d6911081d2ed218
affected

e58ba4544c7771591d1e3157bc01b4a8e4d1c3fc (git) before 3267bcb744ee8a2feabaa7ab69473f086f67fd71
affected

e58ba4544c7771591d1e3157bc01b4a8e4d1c3fc (git) before d3e32a612c6391ca9b7c183aeec22b4fd24c300c
affected

e58ba4544c7771591d1e3157bc01b4a8e4d1c3fc (git) before 98e8aed64614b0c199d5f0391fbe1a4331cb5773
affected

e58ba4544c7771591d1e3157bc01b4a8e4d1c3fc (git) before 069c8f5aebe4d5224cf62acc7d4b3486091c658a
affected

Default status
affected

5.0
affected

Any version before 5.0
unaffected

5.10.253 (semver)
unaffected

5.15.203 (semver)
unaffected

6.1.167 (semver)
unaffected

6.6.130 (semver)
unaffected

6.12.78 (semver)
unaffected

6.18.20 (semver)
unaffected

6.19.10 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/cc06ac99fd78839b2d38850785731ef131d9ae26

git.kernel.org/...c/b87f361d41f9a7f1f6c426947ca815651c481376

git.kernel.org/...c/621f2f43741b51f62d767eb4752fbcefe2526926

git.kernel.org/...c/4de6a43e8ecf961feabddf0e9d6911081d2ed218

git.kernel.org/...c/3267bcb744ee8a2feabaa7ab69473f086f67fd71

git.kernel.org/...c/d3e32a612c6391ca9b7c183aeec22b4fd24c300c

git.kernel.org/...c/98e8aed64614b0c199d5f0391fbe1a4331cb5773

git.kernel.org/...c/069c8f5aebe4d5224cf62acc7d4b3486091c658a

cve.org (CVE-2026-23446)

nvd.nist.gov (CVE-2026-23446)

Download JSON