Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccs_mode_store ccs_mode_store() calls xe_gt_reset() which internally invokes xe_pm_runtime_get_noresume(). That function requires the caller to already hold an outer runtime PM reference and warns if none is held: [46.891177] xe 0000:03:00.0: [drm] Missing outer runtime PM protection [46.891178] WARNING: drivers/gpu/drm/xe/xe_pm.c:885 at xe_pm_runtime_get_noresume+0x8b/0xc0 Fix this by protecting xe_gt_reset() with the scope-based guard(xe_pm_runtime)(xe), which is the preferred form when the reference lifetime matches a single scope. v2: - Use scope-based guard(xe_pm_runtime)(xe) (Shuicheng) - Update commit message accordingly (cherry picked from commit 7937ea733f79b3f25e802a0c8360bf7423856f36)
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.19.1, < 6.19.10 |
References
- https://git.kernel.org/stable/c/65d046b2d8e0d6d855379a981869005fd6b6a41bPatch
- https://git.kernel.org/stable/c/c409ecce9adcf815e86bc2f68834982e5a9c4e76Patch
FAQ
What is CVE-2026-31547?
CVE-2026-31547 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccs_mode_store ccs_mode_store() calls xe_gt_reset() which internally invokes xe_pm_run...
How severe is CVE-2026-31547?
CVE-2026-31547 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-31547?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.