CVE-2026-43381

MEDIUM EPSS 2.4%
Published May 8, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 8, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drm_dp_* then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID: 565741 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c:164 r535_gsp_msgq_wait+0x9a/0xb0 [nouveau] CPU: 2 UID: 0 PID: 565741 Comm: fwupd Not tainted 6.18.10-200.fc43.x86_64 #1 PREEMPT(lazy) Hardware name: LENOVO 20QTS0PQ00/20QTS0PQ00, BIOS N2OET65W (1.52 ) 08/05/2024 RIP: 0010:r535_gsp_msgq_wait+0x9a/0xb0 [nouveau] This is a simple fix to get backported. We should probably engineer a proper power domain solution to wake up devices and keep them awake while fw updates are happening.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥3.16  –  <5.10.253
linuxlinux_kernel*≥5.11  –  <5.15.203
linuxlinux_kernel*≥5.16  –  <6.1.167
linuxlinux_kernel*≥6.2  –  <6.6.130
linuxlinux_kernel*≥6.7  –  <6.12.78
linuxlinux_kernel*≥6.13  –  <6.18.19
linuxlinux_kernel*≥6.19  –  <6.19.9
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/178df7c91e6c202579284df9f79d1592a514cdcf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/24639553a016578222ac597db924dfb6fa5ec8b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4df518aa196085909fd7e32518ecd27fba60ed69
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6bdd2d70c338d52c387d3b3aadc596784ae81b01
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8f3c6f08ababad2e3bdd239728cf66a9949446b4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ad8fa5bff53f5d1f8394f996850da8ce070eaee3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cd24cab2023aa46b595bc6b9cc39d8973d9d0a8c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fad178ae894930520519ead3c8e0150641466360
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/178df7c91e6c202579284df9f79d1592a514cdcf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/24639553a016578222ac597db924dfb6fa5ec8b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4df518aa196085909fd7e32518ecd27fba60ed69
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6bdd2d70c338d52c387d3b3aadc596784ae81b01
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8f3c6f08ababad2e3bdd239728cf66a9949446b4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ad8fa5bff53f5d1f8394f996850da8ce070eaee3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cd24cab2023aa46b595bc6b9cc39d8973d9d0a8c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fad178ae894930520519ead3c8e0150641466360
    Patch