CVE-2026-31572

Source
https://cve.org/CVERecord?id=CVE-2026-31572
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31572.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-31572
Downstream
Published
2026-04-24T14:35:50.736Z
Modified
2026-07-08T07:32:31.085556571Z
Summary
i2c: designware: amdisp: Fix resume-probe race condition issue
Details

In the Linux kernel, the following vulnerability has been resolved:

i2c: designware: amdisp: Fix resume-probe race condition issue

Identified resume-probe race condition in kernel v7.0 with the commit 38fa29b01a6a ("i2c: designware: Combine the init functions"),but this issue existed from the beginning though not detected.

The amdisp i2c device requires ISP to be in power-on state for probe to succeed. To meet this requirement, this device is added to genpd to control ISP power using runtime PM. The pmruntimegetsync() called before i2cdw_probe() triggers PM resume, which powers on ISP and also invokes the amdisp i2c runtime resume before the probe completes resulting in this race condition and a NULL dereferencing issue in v7.0

Fix this race condition by using the genpd APIs directly during probe: - Call devpmgenpdresume() to Power ON ISP before probe - Call devpmgenpdsuspend() to Power OFF ISP after probe - Set the device to suspended state with pmruntimeset_suspended() - Enable runtime PM only after the device is fully initialized

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31572.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d6263c468a761cd4c89887073614394ac48441e1
Fixed
83bcea9da91965484df64a6492b89e65d41ab31c
Fixed
e81f0341754c309e33babea2821eda8f98f0b44c
Fixed
e2f1ada8e089dd5a331bcd8b88125ae2af8d188f

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31572.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.16.0
Fixed
6.18.21
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.11

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31572.json"