CVE-2026-46292
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/06/2026
Last modified:
08/07/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
pmdomain: core: Fix detach procedure for virtual devices in genpd<br />
<br />
If a device is attached to a PM domain through genpd_dev_pm_attach_by_id(),<br />
genpd calls pm_runtime_enable() for the corresponding virtual device that<br />
it registers. While this avoids boilerplate code in drivers, there is no<br />
corresponding call to pm_runtime_disable() in genpd_dev_pm_detach().<br />
<br />
This means these virtual devices are typically detached from its genpd,<br />
while runtime PM remains enabled for them, which is not how things are<br />
designed to work. In worst cases it may lead to critical errors, like a<br />
NULL pointer dereference bug in genpd_runtime_suspend(), which was recently<br />
reported. For another case, we may end up keeping an unnecessary vote for a<br />
performance state for the device.<br />
<br />
To fix these problems, let&#39;s add this missing call to pm_runtime_disable()<br />
in genpd_dev_pm_detach().
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.18 (including) | 5.10.259 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.210 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.176 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.141 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.88 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.30 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 7.0.7 (excluding) |
| cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/26735dfdd8930d9ef1fa92e590a9bf77726efdf6
- https://git.kernel.org/stable/c/361518a26e4434e879db6ff43bf364795dcbfbff
- https://git.kernel.org/stable/c/51a7dd9cbae9210335ce398642ecaaa52c939eb5
- https://git.kernel.org/stable/c/52e485ed0dcb5496864003ba9ffcef7d5b613f83
- https://git.kernel.org/stable/c/707cb5df3eab32ddc52979418f7ace62941e6381
- https://git.kernel.org/stable/c/8d44391a7f29e4601e8243f13498d0219bab2576
- https://git.kernel.org/stable/c/98b8104978474d381256a2b2fb0e7ca8e05a7bfa
- https://git.kernel.org/stable/c/e8f8dad44f024a5c99e54a48ad5c943fa8e54319



