{"id":"CVE-2026-43381","summary":"nouveau/dpcd: return EBUSY for aux xfer if the device is asleep","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/dpcd: return EBUSY for aux xfer if the device is asleep\n\nIf we have runtime suspended, and userspace wants to use /dev/drm_dp_*\nthen just tell it the device is busy instead of crashing in the GSP\ncode.\n\nWARNING: CPU: 2 PID: 565741 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c:164 r535_gsp_msgq_wait+0x9a/0xb0 [nouveau]\nCPU: 2 UID: 0 PID: 565741 Comm: fwupd Not tainted 6.18.10-200.fc43.x86_64 #1 PREEMPT(lazy)\nHardware name: LENOVO 20QTS0PQ00/20QTS0PQ00, BIOS N2OET65W (1.52 ) 08/05/2024\nRIP: 0010:r535_gsp_msgq_wait+0x9a/0xb0 [nouveau]\n\nThis is a simple fix to get backported. We should probably engineer a\nproper power domain solution to wake up devices and keep them awake\nwhile fw updates are happening.","modified":"2026-06-18T03:55:06.063160446Z","published":"2026-05-08T14:21:29.340Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43381.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/178df7c91e6c202579284df9f79d1592a514cdcf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/24639553a016578222ac597db924dfb6fa5ec8b5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4df518aa196085909fd7e32518ecd27fba60ed69"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6bdd2d70c338d52c387d3b3aadc596784ae81b01"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8f3c6f08ababad2e3bdd239728cf66a9949446b4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ad8fa5bff53f5d1f8394f996850da8ce070eaee3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cd24cab2023aa46b595bc6b9cc39d8973d9d0a8c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fad178ae894930520519ead3c8e0150641466360"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43381.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43381"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8894f4919bc43f821775db2cfff4b917871b2102"},{"fixed":"178df7c91e6c202579284df9f79d1592a514cdcf"},{"fixed":"4df518aa196085909fd7e32518ecd27fba60ed69"},{"fixed":"cd24cab2023aa46b595bc6b9cc39d8973d9d0a8c"},{"fixed":"fad178ae894930520519ead3c8e0150641466360"},{"fixed":"6bdd2d70c338d52c387d3b3aadc596784ae81b01"},{"fixed":"ad8fa5bff53f5d1f8394f996850da8ce070eaee3"},{"fixed":"24639553a016578222ac597db924dfb6fa5ec8b5"},{"fixed":"8f3c6f08ababad2e3bdd239728cf66a9949446b4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43381.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.16.0"},{"fixed":"5.10.253"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.203"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.167"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.130"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.78"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.19"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.9"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43381.json"}}],"schema_version":"1.7.5"}