CVE-2026-43381
- Source
- https://cve.org/CVERecord?id=CVE-2026-43381
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43381.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-43381
- Downstream
- Published
- 2026-05-08T14:21:29.340Z
- Modified
- 2026-06-18T03:55:06.063160446Z
- Summary
- nouveau/dpcd: return EBUSY for aux xfer if the device is asleep
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
nouveau/dpcd: return EBUSY for aux xfer if the device is asleep
If we have runtime suspended, and userspace wants to use /dev/drmdp* then just tell it the device is busy instead of crashing in the GSP code.
WARNING: CPU: 2 PID: 565741 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c:164 r535gspmsgqwait+0x9a/0xb0 [nouveau] CPU: 2 UID: 0 PID: 565741 Comm: fwupd Not tainted 6.18.10-200.fc43.x8664 #1 PREEMPT(lazy) Hardware name: LENOVO 20QTS0PQ00/20QTS0PQ00, BIOS N2OET65W (1.52 ) 08/05/2024 RIP: 0010:r535gspmsgq_wait+0x9a/0xb0 [nouveau]
This is a simple fix to get backported. We should probably engineer a proper power domain solution to wake up devices and keep them awake while fw updates are happening.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43381.json" }- References
-
- https://git.kernel.org/stable/c/178df7c91e6c202579284df9f79d1592a514cdcf
- https://git.kernel.org/stable/c/24639553a016578222ac597db924dfb6fa5ec8b5
- https://git.kernel.org/stable/c/4df518aa196085909fd7e32518ecd27fba60ed69
- https://git.kernel.org/stable/c/6bdd2d70c338d52c387d3b3aadc596784ae81b01
- https://git.kernel.org/stable/c/8f3c6f08ababad2e3bdd239728cf66a9949446b4
- https://git.kernel.org/stable/c/ad8fa5bff53f5d1f8394f996850da8ce070eaee3
- https://git.kernel.org/stable/c/cd24cab2023aa46b595bc6b9cc39d8973d9d0a8c
- https://git.kernel.org/stable/c/fad178ae894930520519ead3c8e0150641466360
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43381.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-43381
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8894f4919bc43f821775db2cfff4b917871b2102Fixed178df7c91e6c202579284df9f79d1592a514cdcfFixed4df518aa196085909fd7e32518ecd27fba60ed69Fixedcd24cab2023aa46b595bc6b9cc39d8973d9d0a8cFixedfad178ae894930520519ead3c8e0150641466360Fixed6bdd2d70c338d52c387d3b3aadc596784ae81b01Fixedad8fa5bff53f5d1f8394f996850da8ce070eaee3Fixed24639553a016578222ac597db924dfb6fa5ec8b5Fixed8f3c6f08ababad2e3bdd239728cf66a9949446b4
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced3.16.0Fixed5.10.253
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.203
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.167
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.130
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.78
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.19
- Type
- ECOSYSTEM
- Events
-
Introduced6.19.0Fixed6.19.9