SB20260528238 - Race condition in Linux kernel accel amdxdna driver



SB20260528238 - Race condition in Linux kernel accel amdxdna driver

Published: May 28, 2026

Security Bulletin ID SB20260528238
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Partial DoS

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Race condition (CVE-ID: CVE-2025-71303)

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to cause unexpected behavior.

The vulnerability exists due to a race condition in the amdxdna power management logic when submitting commands during an autosuspend window. A local user can submit a command while a suspend or resume operation is in progress to cause unexpected behavior.

The issue occurs when the device has not actually resumed even though command submission proceeds.


Remediation

Install update from vendor's website.