CVE-2026-23446
- Source
- https://cve.org/CVERecord?id=CVE-2026-23446
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23446.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-23446
- Downstream
- Related
- Published
- 2026-04-03T15:15:29.863Z
- Modified
- 2026-06-03T18:29:35.989984829Z
- Summary
- net: usb: aqc111: Do not perform PM inside suspend callback
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: usb: aqc111: Do not perform PM inside suspend callback
syzbot reports "task hung in rpm_resume"
This is caused by aqc111suspend calling the PM variant of its writecmd routine.
The simplified call trace looks like this:
rpmsuspend() usbsuspendboth() - here udev->dev.power.runtimestatus == RPMSUSPENDING aqc111suspend() - called for the usb device interface aqc111write32cmd() usbautopmgetinterface() pmruntimeresumeandget() rpmresume() - here we call rpmresume() on our parent rpmresume() - Here we wait for a status change that will never happen.
At this point we block another task which holds rtnl_lock and locks up the whole networking stack.
Fix this by replacing the write_cmd calls with their _nopm variants
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23446.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/069c8f5aebe4d5224cf62acc7d4b3486091c658a
- https://git.kernel.org/stable/c/3267bcb744ee8a2feabaa7ab69473f086f67fd71
- https://git.kernel.org/stable/c/4de6a43e8ecf961feabddf0e9d6911081d2ed218
- https://git.kernel.org/stable/c/621f2f43741b51f62d767eb4752fbcefe2526926
- https://git.kernel.org/stable/c/98e8aed64614b0c199d5f0391fbe1a4331cb5773
- https://git.kernel.org/stable/c/b87f361d41f9a7f1f6c426947ca815651c481376
- https://git.kernel.org/stable/c/cc06ac99fd78839b2d38850785731ef131d9ae26
- https://git.kernel.org/stable/c/d3e32a612c6391ca9b7c183aeec22b4fd24c300c
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23446.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23446
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede58ba4544c7771591d1e3157bc01b4a8e4d1c3fcFixedcc06ac99fd78839b2d38850785731ef131d9ae26Fixedb87f361d41f9a7f1f6c426947ca815651c481376Fixed621f2f43741b51f62d767eb4752fbcefe2526926Fixed4de6a43e8ecf961feabddf0e9d6911081d2ed218Fixed3267bcb744ee8a2feabaa7ab69473f086f67fd71Fixedd3e32a612c6391ca9b7c183aeec22b4fd24c300cFixed98e8aed64614b0c199d5f0391fbe1a4331cb5773Fixed069c8f5aebe4d5224cf62acc7d4b3486091c658a
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced5.0.0Fixed5.10.253
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.203
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.167
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.130
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.78
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.20
- Type
- ECOSYSTEM
- Events
-
Introduced6.19.0Fixed6.19.10