CVE-2026-53056 (GCVE-0-2026-53056)

Vulnerability from cvelistv5 – Published: 2026-06-24 16:30 – Updated: 2026-06-24 16:30
VLAI
Title
drm/msm/dpu: fix mismatch between power and frequency
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: fix mismatch between power and frequency During DPU runtime suspend, calling dev_pm_opp_set_rate(dev, 0) drops the MMCX rail to MIN_SVS while the core clock frequency remains at its original (highest) rate. When runtime resume re-enables the clock, this may result in a mismatch between the rail voltage and the clock rate. For example, in the DPU bind path, the sequence could be: cpu0: dev_sync_state -> rpmhpd_sync_state cpu1: dpu_kms_hw_init timeline 0 ------------------------------------------------> t After rpmhpd_sync_state, the voltage performance is no longer guaranteed to stay at the highest level. During dpu_kms_hw_init, calling dev_pm_opp_set_rate(dev, 0) drops the voltage, causing the MMCX rail to fall to MIN_SVS while the core clock is still at its maximum frequency. When the power is re-enabled, only the clock is enabled, leading to a situation where the MMCX rail is at MIN_SVS but the core clock is at its highest rate. In this state, the rail cannot sustain the clock rate, which may cause instability or system crash. Remove the call to dev_pm_opp_set_rate(dev, 0) from dpu_runtime_suspend to ensure the correct vote is restored when DPU resumes. Patchwork: https://patchwork.freedesktop.org/patch/710077/
Severity
No CVSS data available.
Assigner
Impacted products
Vendor Product Version
Linux Linux Affected: b0530eb1191307e9038d75e5c83973a396137681 , < 1181a7028d37e0b1e720a36125a03f5db97e3d27 (git)
Affected: b0530eb1191307e9038d75e5c83973a396137681 , < 9830999c9e065c1813ec5435bfe4eab98ee54a87 (git)
Affected: b0530eb1191307e9038d75e5c83973a396137681 , < c5735c7d0eef7a5240f9c1c66e44ba52a1be58d6 (git)
Affected: b0530eb1191307e9038d75e5c83973a396137681 , < 0f7dd5839cfabaf9c007fb718ec66e907a473c93 (git)
Affected: b0530eb1191307e9038d75e5c83973a396137681 , < 0ccf4f27b4652570b5de3de02a89a86435559de9 (git)
Affected: b0530eb1191307e9038d75e5c83973a396137681 , < bc1dccc518cc5ab5140fba06c27e7188e0ed342b (git)
Create a notification for this product.
Linux Linux Affected: 5.9
Unaffected: 0 , < 5.9 (semver)
Unaffected: 6.1.175 , ≤ 6.1.* (semver)
Unaffected: 6.6.141 , ≤ 6.6.* (semver)
Unaffected: 6.12.91 , ≤ 6.12.* (semver)
Unaffected: 6.18.33 , ≤ 6.18.* (semver)
Unaffected: 7.0.10 , ≤ 7.0.* (semver)
Unaffected: 7.1 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/disp/dpu1/dpu_kms.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1181a7028d37e0b1e720a36125a03f5db97e3d27",
              "status": "affected",
              "version": "b0530eb1191307e9038d75e5c83973a396137681",
              "versionType": "git"
            },
            {
              "lessThan": "9830999c9e065c1813ec5435bfe4eab98ee54a87",
              "status": "affected",
              "version": "b0530eb1191307e9038d75e5c83973a396137681",
              "versionType": "git"
            },
            {
              "lessThan": "c5735c7d0eef7a5240f9c1c66e44ba52a1be58d6",
              "status": "affected",
              "version": "b0530eb1191307e9038d75e5c83973a396137681",
              "versionType": "git"
            },
            {
              "lessThan": "0f7dd5839cfabaf9c007fb718ec66e907a473c93",
              "status": "affected",
              "version": "b0530eb1191307e9038d75e5c83973a396137681",
              "versionType": "git"
            },
            {
              "lessThan": "0ccf4f27b4652570b5de3de02a89a86435559de9",
              "status": "affected",
              "version": "b0530eb1191307e9038d75e5c83973a396137681",
              "versionType": "git"
            },
            {
              "lessThan": "bc1dccc518cc5ab5140fba06c27e7188e0ed342b",
              "status": "affected",
              "version": "b0530eb1191307e9038d75e5c83973a396137681",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/disp/dpu1/dpu_kms.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.175",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.141",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.91",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.33",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "unaffected",
              "version": "7.0.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.175",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.141",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.91",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.33",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.10",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: fix mismatch between power and frequency\n\nDuring DPU runtime suspend, calling dev_pm_opp_set_rate(dev, 0) drops\nthe MMCX rail to MIN_SVS while the core clock frequency remains at its\noriginal (highest) rate. When runtime resume re-enables the clock, this\nmay result in a mismatch between the rail voltage and the clock rate.\n\nFor example, in the DPU bind path, the sequence could be:\n  cpu0: dev_sync_state -\u003e rpmhpd_sync_state\n  cpu1:                                     dpu_kms_hw_init\ntimeline 0 ------------------------------------------------\u003e t\n\nAfter rpmhpd_sync_state, the voltage performance is no longer guaranteed\nto stay at the highest level. During dpu_kms_hw_init, calling\ndev_pm_opp_set_rate(dev, 0) drops the voltage, causing the MMCX rail to\nfall to MIN_SVS while the core clock is still at its maximum frequency.\nWhen the power is re-enabled, only the clock is enabled, leading to a\nsituation where the MMCX rail is at MIN_SVS but the core clock is at its\nhighest rate. In this state, the rail cannot sustain the clock rate,\nwhich may cause instability or system crash.\n\nRemove the call to dev_pm_opp_set_rate(dev, 0) from dpu_runtime_suspend\nto ensure the correct vote is restored when DPU resumes.\n\nPatchwork: https://patchwork.freedesktop.org/patch/710077/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-24T16:30:01.694Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1181a7028d37e0b1e720a36125a03f5db97e3d27"
        },
        {
          "url": "https://git.kernel.org/stable/c/9830999c9e065c1813ec5435bfe4eab98ee54a87"
        },
        {
          "url": "https://git.kernel.org/stable/c/c5735c7d0eef7a5240f9c1c66e44ba52a1be58d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/0f7dd5839cfabaf9c007fb718ec66e907a473c93"
        },
        {
          "url": "https://git.kernel.org/stable/c/0ccf4f27b4652570b5de3de02a89a86435559de9"
        },
        {
          "url": "https://git.kernel.org/stable/c/bc1dccc518cc5ab5140fba06c27e7188e0ed342b"
        }
      ],
      "title": "drm/msm/dpu: fix mismatch between power and frequency",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-53056",
    "datePublished": "2026-06-24T16:30:01.694Z",
    "dateReserved": "2026-06-09T07:44:35.381Z",
    "dateUpdated": "2026-06-24T16:30:01.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-53056",
      "date": "2026-07-02",
      "epss": "0.0018",
      "percentile": "0.07778"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-53056\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-06-24T17:17:17.663\",\"lastModified\":\"2026-06-24T17:17:17.663\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/msm/dpu: fix mismatch between power and frequency\\n\\nDuring DPU runtime suspend, calling dev_pm_opp_set_rate(dev, 0) drops\\nthe MMCX rail to MIN_SVS while the core clock frequency remains at its\\noriginal (highest) rate. When runtime resume re-enables the clock, this\\nmay result in a mismatch between the rail voltage and the clock rate.\\n\\nFor example, in the DPU bind path, the sequence could be:\\n  cpu0: dev_sync_state -\u003e rpmhpd_sync_state\\n  cpu1:                                     dpu_kms_hw_init\\ntimeline 0 ------------------------------------------------\u003e t\\n\\nAfter rpmhpd_sync_state, the voltage performance is no longer guaranteed\\nto stay at the highest level. During dpu_kms_hw_init, calling\\ndev_pm_opp_set_rate(dev, 0) drops the voltage, causing the MMCX rail to\\nfall to MIN_SVS while the core clock is still at its maximum frequency.\\nWhen the power is re-enabled, only the clock is enabled, leading to a\\nsituation where the MMCX rail is at MIN_SVS but the core clock is at its\\nhighest rate. In this state, the rail cannot sustain the clock rate,\\nwhich may cause instability or system crash.\\n\\nRemove the call to dev_pm_opp_set_rate(dev, 0) from dpu_runtime_suspend\\nto ensure the correct vote is restored when DPU resumes.\\n\\nPatchwork: https://patchwork.freedesktop.org/patch/710077/\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"drivers/gpu/drm/msm/disp/dpu1/dpu_kms.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"b0530eb1191307e9038d75e5c83973a396137681\",\"lessThan\":\"1181a7028d37e0b1e720a36125a03f5db97e3d27\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"b0530eb1191307e9038d75e5c83973a396137681\",\"lessThan\":\"9830999c9e065c1813ec5435bfe4eab98ee54a87\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"b0530eb1191307e9038d75e5c83973a396137681\",\"lessThan\":\"c5735c7d0eef7a5240f9c1c66e44ba52a1be58d6\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"b0530eb1191307e9038d75e5c83973a396137681\",\"lessThan\":\"0f7dd5839cfabaf9c007fb718ec66e907a473c93\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"b0530eb1191307e9038d75e5c83973a396137681\",\"lessThan\":\"0ccf4f27b4652570b5de3de02a89a86435559de9\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"b0530eb1191307e9038d75e5c83973a396137681\",\"lessThan\":\"bc1dccc518cc5ab5140fba06c27e7188e0ed342b\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"drivers/gpu/drm/msm/disp/dpu1/dpu_kms.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"5.9\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"5.9\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.175\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.141\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.91\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.33\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0.10\",\"lessThanOrEqual\":\"7.0.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.1\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0ccf4f27b4652570b5de3de02a89a86435559de9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/0f7dd5839cfabaf9c007fb718ec66e907a473c93\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1181a7028d37e0b1e720a36125a03f5db97e3d27\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9830999c9e065c1813ec5435bfe4eab98ee54a87\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/bc1dccc518cc5ab5140fba06c27e7188e0ed342b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c5735c7d0eef7a5240f9c1c66e44ba52a1be58d6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…