PatchSiren cyber security CVE debrief
CVE-2026-23446 Linux CVE debrief
A MEDIUM severity vulnerability was found in the Linux kernel. The vulnerability is caused by aqc111_suspend calling the PM variant of its write_cmd routine, which can lead to a task hang in rpm_resume. The issue was resolved by replacing the write_cmd calls with their _nopm variants. This vulnerability affects Linux kernel versions 5.0.1 to 6.19.10 and users should be aware of this vulnerability and take steps to mitigate it.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-03
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-04-03
- Advisory updated
- 2026-07-14
Who should care
Users of the Linux kernel, particularly those using versions 5.0.1 to 6.19.10, should be aware of this vulnerability and take steps to mitigate it. System administrators and security teams should review their system configurations and check for any signs of compromise.
Technical summary
The vulnerability is caused by aqc111_suspend calling the PM variant of its write_cmd routine, which can lead to a task hang in rpm_resume. The simplified call trace is: rpm_suspend() -> usb_suspend_both() -> aqc111_suspend() -> aqc111_write32_cmd() -> usb_autopm_get_interface() -> pm_runtime_resume_and_get() -> rpm_resume(). The issue was resolved by replacing the write_cmd calls with their _nopm variants in the aqc111_suspend function.
Defensive priority
Medium
Recommended defensive actions
- Inventory and assess Linux kernel versions 5.0.1 to 6.19.10 for potential vulnerability
- Apply patches from Linux kernel stable branches
- Monitor for unusual system behavior
- Implement compensating controls, such as limiting access to affected systems
- Review system configurations and check for any signs of compromise
- Track exceptions and retest remediated assets
Evidence notes
The CVE record was published on 2026-04-03T16:16:30.317Z and last modified on 2026-07-14T13:18:34.620Z. The NVD entry is currently Modified. This vulnerability affects Linux kernel versions 5.0.1 to 6.19.10. Users should verify their system configurations and check for any signs of compromise. The vulnerability has been resolved by replacing the write_cmd calls with their _nopm variants in the aqc111_suspend function.
Official resources
-
CVE-2026-23446 CVE record
CVE.org
-
CVE-2026-23446 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-03T16:16:30.317Z and has not been modified since then. The NVD entry is currently Modified.