PatchSiren

CVE-2026-43311 Linux CVE debrief

CVE-2026-43311 is a medium-severity (CVSS 5.5) vulnerability in the soc/tegra: pmc component of the Linux kernel. The component calls generic_handle_irq() from a non-interrupt context, which is unsafe and triggers a warning during system resume on Tegra platforms. The fix defers the generic_handle_irq() call to an IRQ work that executes in hard IRQ context.

Vendor: Linux
Product: Unknown
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-08
Original CVE updated: 2026-06-19
Advisory published: 2026-05-08
Advisory updated: 2026-06-19

Who should care

Linux kernel users and administrators, particularly those running Tegra platforms, should be aware of this vulnerability. It affects Linux kernel versions from 6.2 up to but not including 6.19.6. PREEMPT_RT kernels need extra attention because the context in which IRQ work executes differs there.

Technical summary

The vulnerability is caused by an unsafe call to generic_handle_irq() from a non-interrupt context in the soc/tegra: pmc component of the Linux kernel. This results in a warning during system resume on Tegra platforms. The fix involves deferring the generic_handle_irq() call to an IRQ work that executes in hard IRQ context, ensuring safe execution. For PREEMPT_RT kernels, using IRQ_WORK_INIT_HARD ensures the IRQ work is processed in hardirq context instead of being deferred to a thread.

Defensive priority

Apply patches or updates from the Linux kernel maintainers to address the vulnerability. Review system configurations and ensure that IRQ work is properly handled.

Recommended defensive actions

  • Apply the official patches provided by the Linux kernel maintainers.
  • Review system configurations to ensure proper handling of IRQ work.
  • Monitor system logs for any related warnings or errors.
  • Consider updating to a Linux kernel version that includes the fix.
  • Verify that system resume and IRQ handling are functioning correctly.
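
A triage sketch for the update decision above, using the affected range stated under "Who should care" (6.2 up to but not including 6.19.6). This is an added example, not code from the advisory or the kernel project; the function names, the result labels, the sample data and the use of a device-tree "nvidia,tegra" compatible entry to recognise a Tegra host are assumptions.

```python
"""Triage helper for CVE-2026-43311 (illustrative, not vendor tooling)."""
import platform
import re
from pathlib import Path

# Range as stated on this page: 6.2 <= version < 6.19.6.
FIRST_AFFECTED = (6, 2, 0)
FIRST_FIXED = (6, 19, 6)

# Constructed sample of /proc/device-tree/compatible (NUL-separated entries).
SAMPLE_COMPATIBLE = b"example,board\0nvidia,tegra234\0"


def parse_release(release):
    """Turn a `uname -r` string such as '6.8.0-45-generic' into (6, 8, 0)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    # A missing patch level ('6.19', '6.2-rc1') is treated as 0.
    return tuple(int(p or 0) for p in m.groups())


def in_affected_range(release):
    return FIRST_AFFECTED <= parse_release(release) < FIRST_FIXED


def is_tegra(compatible):
    """Assumption: a Tegra SoC lists an 'nvidia,tegra...' compatible entry."""
    entries = compatible.decode("ascii", "replace").split("\0")
    return any(e.startswith("nvidia,tegra") for e in entries)


def triage(release, compatible):
    if not is_tegra(compatible):
        return "not-applicable"   # the soc/tegra pmc driver is not in play
    if in_affected_range(release):
        # A vendor kernel may carry the fix as a backport without changing
        # its version string, so confirm against the vendor changelog.
        return "review"
    return "outside-range"


if __name__ == "__main__":
    dt = Path("/proc/device-tree/compatible")
    compat = dt.read_bytes() if dt.exists() else b""
    print(triage(platform.release(), compat))
```

A "review" result means the version string falls inside the published range on a Tegra host; it does not prove the running kernel lacks the fix.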

Evidence notes

The vulnerability is documented in the CVE-2026-43311 record and the NVD detail page. Patches are available from the Linux kernel stable tree. The issue is caused by an unsafe generic_handle_irq() call in the soc/tegra: pmc component.

This article is AI-assisted and based on the supplied source corpus.