CVE-2025-71303
Awaiting Analysis Awaiting Analysis - Queue
Race Condition in Linux Kernel AMDXDNA Driver

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpm_on When autosuspend is triggered, driver rpm_on flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command during this narrow window, amdxdna_pm_resume_get() may incorrectly skip the resume operation because the rpm_on flag is still set. This results in commands being submitted while the device has not actually resumed, causing unexpected behavior. The set_dpm() is called by suspend/resume, it relied on rpm_on flag to avoid calling into rpm suspend/resume recursivly. So to fix this, remove the use of the rpm_on flag entirely. Instead, introduce aie2_pm_set_dpm() which explicitly resumes the device before invoking set_dpm(). With this change, set_dpm() is called directly inside the suspend or resume execution path. Otherwise, aie2_pm_set_dpm() is called.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-05-27
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2025-71303
EUVD
EUVD-2025-209967
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's amdxdna driver related to a race condition when checking the rpm_on flag during autosuspend.

When autosuspend is triggered, the rpm_on flag is set to indicate that a suspend or resume operation is already in progress. However, if a userspace application submits a command during this narrow window, the function amdxdna_pm_resume_get() may incorrectly skip the resume operation because the rpm_on flag is still set.

As a result, commands can be submitted while the device has not actually resumed, causing unexpected behavior.

The fix involved removing the use of the rpm_on flag entirely and introducing a new function aie2_pm_set_dpm() which explicitly resumes the device before invoking set_dpm(), ensuring proper suspend and resume execution paths.

Impact Analysis

This vulnerability can cause unexpected behavior in the device because commands may be submitted while the device is not fully resumed.

Such unexpected behavior could lead to system instability, malfunction of the device, or potential data corruption depending on how the device is used.

Mitigation Strategies

The vulnerability is resolved by removing the use of the rpm_on flag and introducing a new function aie2_pm_set_dpm() which explicitly resumes the device before invoking set_dpm().

To mitigate this vulnerability, ensure your Linux kernel is updated to a version that includes this fix.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71303. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart