CVE-2025-71303

Source
https://cve.org/CVERecord?id=CVE-2025-71303
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71303.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-71303
Downstream
Published
2026-05-27T12:14:51.799Z
Modified
2026-07-08T08:06:53.457654132Z
Summary
accel/amdxdna: Fix race condition when checking rpm_on
Details

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Fix race condition when checking rpm_on

When autosuspend is triggered, driver rpmon flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command during this narrow window, amdxdnapmresumeget() may incorrectly skip the resume operation because the rpm_on flag is still set. This results in commands being submitted while the device has not actually resumed, causing unexpected behavior.

The setdpm() is called by suspend/resume, it relied on rpmon flag to avoid calling into rpm suspend/resume recursivly. So to fix this, remove the use of the rpmon flag entirely. Instead, introduce aie2pmsetdpm() which explicitly resumes the device before invoking setdpm(). With this change, setdpm() is called directly inside the suspend or resume execution path. Otherwise, aie2pmset_dpm() is called.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71303.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
063db451832b8849faf1b0b8404b3a6a39995b29
Fixed
e7cb75b6a5127d78298e39750b4f3185eca0dafc
Fixed
00ffe45ece80160aef446d74ded906352f21dd72

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71303.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71303.json"