PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-23446 Linux CVE debrief

A MEDIUM severity vulnerability was found in the Linux kernel. The vulnerability is caused by aqc111_suspend calling the PM variant of its write_cmd routine, which can lead to a task hang in rpm_resume. The issue was resolved by replacing the write_cmd calls with their _nopm variants. This vulnerability affects Linux kernel versions 5.0.1 to 6.19.10 and users should be aware of this vulnerability and take steps to mitigate it.

Vendor
Linux
Product
Unknown
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-03
Original CVE updated
2026-07-14
Advisory published
2026-04-03
Advisory updated
2026-07-14

Who should care

Users of the Linux kernel, particularly those using versions 5.0.1 to 6.19.10, should be aware of this vulnerability and take steps to mitigate it. System administrators and security teams should review their system configurations and check for any signs of compromise.

Technical summary

The vulnerability is caused by aqc111_suspend calling the PM variant of its write_cmd routine, which can lead to a task hang in rpm_resume. The simplified call trace is: rpm_suspend() -> usb_suspend_both() -> aqc111_suspend() -> aqc111_write32_cmd() -> usb_autopm_get_interface() -> pm_runtime_resume_and_get() -> rpm_resume(). The issue was resolved by replacing the write_cmd calls with their _nopm variants in the aqc111_suspend function.

Defensive priority

Medium

Recommended defensive actions

  • Inventory and assess Linux kernel versions 5.0.1 to 6.19.10 for potential vulnerability
  • Apply patches from Linux kernel stable branches
  • Monitor for unusual system behavior
  • Implement compensating controls, such as limiting access to affected systems
  • Review system configurations and check for any signs of compromise
  • Track exceptions and retest remediated assets

Evidence notes

The CVE record was published on 2026-04-03T16:16:30.317Z and last modified on 2026-07-14T13:18:34.620Z. The NVD entry is currently Modified. This vulnerability affects Linux kernel versions 5.0.1 to 6.19.10. Users should verify their system configurations and check for any signs of compromise. The vulnerability has been resolved by replacing the write_cmd calls with their _nopm variants in the aqc111_suspend function.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-03T16:16:30.317Z and has not been modified since then. The NVD entry is currently Modified.