Improper control of a resource through its lifetime in Linux kernel - CVE-2026-53056
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper power state management in the drm/msm/dpu runtime suspend logic when handling runtime suspend and resume operations. A local user can trigger the vulnerable code path to cause a denial of service.
The issue occurs when the MMCX rail is dropped to MIN_SVS while the core clock remains at its highest rate, which can lead to instability or a system crash when the clock is re-enabled.
How to mitigate CVE-2026-53056
Sources
- https://git.kernel.org/stable/c/0ccf4f27b4652570b5de3de02a89a86435559de9
- https://git.kernel.org/stable/c/0f7dd5839cfabaf9c007fb718ec66e907a473c93
- https://git.kernel.org/stable/c/1181a7028d37e0b1e720a36125a03f5db97e3d27
- https://git.kernel.org/stable/c/9830999c9e065c1813ec5435bfe4eab98ee54a87
- https://git.kernel.org/stable/c/bc1dccc518cc5ab5140fba06c27e7188e0ed342b
- https://git.kernel.org/stable/c/c5735c7d0eef7a5240f9c1c66e44ba52a1be58d6