{
  "public_date" : "2026-04-03T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: net: usb: aqc111: Do not perform PM inside suspend callback",
    "id" : "2454870",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2454870"
  },
  "cwe" : "CWE-833",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nnet: usb: aqc111: Do not perform PM inside suspend callback\nsyzbot reports \"task hung in rpm_resume\"\nThis is caused by aqc111_suspend calling\nthe PM variant of its write_cmd routine.\nThe simplified call trace looks like this:\nrpm_suspend()\nusb_suspend_both() - here udev->dev.power.runtime_status == RPM_SUSPENDING\naqc111_suspend() - called for the usb device interface\naqc111_write32_cmd()\nusb_autopm_get_interface()\npm_runtime_resume_and_get()\nrpm_resume() - here we call rpm_resume() on our parent\nrpm_resume() - Here we wait for a status change that will never happen.\nAt this point we block another task which holds\nrtnl_lock and locks up the whole networking stack.\nFix this by replacing the write_cmd calls with their _nopm variants", "A flaw was found in the Linux kernel's aqc111 USB network driver. When the aqc111_suspend function is called, it incorrectly attempts to perform Power Management (PM) operations. This leads to a situation where a task hangs, preventing other critical networking operations and causing a Denial of Service (DoS) by locking up the entire networking stack." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-23446\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23446\nhttps://lore.kernel.org/linux-cve-announce/2026040315-CVE-2026-23446-65cf@gregkh/T" ],
  "name" : "CVE-2026-23446",
  "csaw" : false
}