CVE-2025-71303 Linux CVE debrief

Who should care

Organizations running Linux systems with AMD XDNA AI accelerators, particularly those utilizing runtime power management features. Cloud providers and HPC environments with AMD XDNA hardware should prioritize kernel updates. System administrators managing workstations or servers with AMD Ryzen AI or similar XDNA-based accelerators.

Technical summary

The accel/amdxdna driver in the Linux kernel contains a race condition in its runtime power management implementation. The `rpm_on` flag, intended to prevent recursive suspend/resume calls via `set_dpm()`, creates a timing window where `amdxdna_pm_resume_get()` may return success without actually resuming the device. This occurs when autosuspend is triggered and a userspace command submission interleaves with the flag check. The resolution removes the `rpm_on` flag and restructures the code to use `aie2_pm_set_dpm()` for explicit resume operations outside of the core suspend/resume paths, while calling `set_dpm()` directly within those paths.

Defensive priority

medium

Recommended defensive actions

• Apply kernel updates containing the referenced stable tree commits when available from your Linux distribution
• Monitor vendor security advisories for AMD XDNA driver updates
• Review systems utilizing AMD XDNA accelerators for unexpected behavior during power state transitions
• Consider disabling runtime power management for AMD XDNA devices as a temporary mitigation if operational impact is observed

Evidence notes

The vulnerability description is sourced from the official CVE record published by NVD on 2026-05-27. The fix involves kernel-level changes to the AMD XDNA accelerator driver's power management subsystem. Two kernel.org stable tree commits are referenced as resolution sources.

Official resources