CVE-2026-45911

Published: May 27, 2026 · Updated: May 27, 2026

Official Description

In the Linux kernel, the following vulnerability has been resolved:

usb: cdns3: fix role switching during resume

If the role changes while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference.

The host role's start() operation registers a xhci-hcd device, but its probe is deferred while we are in the resume path. The host role's resume() operation assumes the xhci-hcd device is already probed, which is not the case, leading to the dereference. Since the start() operation of the new role is already called, the resume operation can be skipped.

So skip the resume operation for the new role if a role switch occurs during resume. Once the resume sequence is complete, the xhci-hcd device can be probed in case of host mode.

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000208
Mem abort info:
...
Data abort info:
...
[0000000000000208] pgd=0000000000000000, p4d=0000000000000000
Internal error: Oops: 0000000096000004 [#1] SMP
Modules linked in:
CPU: 0 UID: 0 PID: 146 Comm: sh Not tainted 6.19.0-rc7-00013-g6e64f4aabfae-dirty #135 PREEMPT
Hardware name: Texas Instruments J7200 EVM (DT)
pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : usb_hcd_is_primary_hcd+0x0/0x1c
lr : cdns_host_resume+0x24/0x5c
...
Call trace:
usb_hcd_is_primary_hcd+0x0/0x1c (P)
cdns_resume+0x6c/0xbc
cdns3_controller_resume.isra.0+0xe8/0x17c
cdns3_plat_resume+0x18/0x24
platform_pm_resume+0x2c/0x68
dpm_run_callback+0x90/0x248
device_resume+0x100/0x24c
dpm_resume+0x190/0x2ec
dpm_resume_end+0x18/0x34
suspend_devices_and_enter+0x2b0/0xa44
pm_suspend+0x16c/0x5fc
state_store+0x80/0xec
kobj_attr_store+0x18/0x2c
sysfs_kf_write+0x7c/0x94
kernfs_fop_write_iter+0x130/0x1dc
vfs_write+0x240/0x370
ksys_write+0x70/0x108
__arm64_sys_write+0x1c/0x28
invoke_syscall+0x48/0x10c
el0_svc_common.constprop.0+0x40/0xe0
do_el0_svc+0x1c/0x28
el0_svc+0x34/0x108
el0t_64_sync_handler+0xa0/0xe4
el0t_64_sync+0x198/0x19c
Code: 52800003 f9407ca5 d63f00a0 17ffffe4 (f9410401)
---[ end trace 0000000000000000 ]---
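
The ordering problem described above, as an added userspace model that is not the cdns3 driver's code or the upstream patch. All type and function names are hypothetical, and the model returns -1 at the point where the kernel dereferences the NULL pointer.

```c
#include <stdbool.h>

/* Userspace model of the resume path; every name here is hypothetical. */
enum role { ROLE_DEVICE, ROLE_HOST };
struct hcd { int primary; };
struct ctrl {
    enum role role, hw_role;   /* role before suspend / role found at resume */
    bool in_resume;            /* probing is deferred while true */
    struct hcd hcd_mem, *hcd;  /* hcd stays NULL until the probe has run */
};

/* Host start registers the host device; its probe only runs outside resume. */
static int role_start(struct ctrl *c)
{
    if (c->role == ROLE_HOST && !c->in_resume)
        c->hcd = &c->hcd_mem;
    return 0;
}

static int role_resume(struct ctrl *c)
{
    if (c->role != ROLE_HOST)
        return 0;
    return c->hcd ? c->hcd->primary : -1;   /* -1: kernel dereferences NULL */
}

/* skip_after_switch=false models the old flow, true the described fix. */
int model_resume(struct ctrl *c, bool skip_after_switch)
{
    bool switched = c->hw_role != c->role;  /* role changed while suspended */
    int ret = 0;

    c->in_resume = true;
    if (switched) {
        c->role = c->hw_role;
        ret = role_start(c);                /* new role is already started */
    }
    if (!ret && !(switched && skip_after_switch))
        ret = role_resume(c);
    c->in_resume = false;
    if (c->role == ROLE_HOST && !c->hcd)
        c->hcd = &c->hcd_mem;               /* deferred probe runs now */
    return ret;
}

/* Constructed scenario: suspended as device, host role found at resume. */
int simulate(bool skip_after_switch)
{
    struct ctrl c = { .role = ROLE_DEVICE, .hw_role = ROLE_HOST };
    return model_resume(&c, skip_after_switch);
}
```
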

NVD Source

Technical Analysis

CVE-2026-45911 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOIT: No public exploit confirmed at this time

Quick Facts

CVE ID: CVE-2026-45911
Severity: NONE
CISA KEV: No
Published: May 27, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-45911 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.