CVE-2026-31572

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> i2c: designware: amdisp: Fix resume-probe race condition issue<br /> <br /> Identified resume-probe race condition in kernel v7.0 with the commit<br /> 38fa29b01a6a ("i2c: designware: Combine the init functions"),but this<br /> issue existed from the beginning though not detected.<br /> <br /> The amdisp i2c device requires ISP to be in power-on state for probe<br /> to succeed. To meet this requirement, this device is added to genpd<br /> to control ISP power using runtime PM. The pm_runtime_get_sync() called<br /> before i2c_dw_probe() triggers PM resume, which powers on ISP and also<br /> invokes the amdisp i2c runtime resume before the probe completes resulting<br /> in this race condition and a NULL dereferencing issue in v7.0<br /> <br /> Fix this race condition by using the genpd APIs directly during probe:<br /> - Call dev_pm_genpd_resume() to Power ON ISP before probe<br /> - Call dev_pm_genpd_suspend() to Power OFF ISP after probe<br /> - Set the device to suspended state with pm_runtime_set_suspended()<br /> - Enable runtime PM only after the device is fully initialized