x86/apic: Disable x2apic on resume if the kernel expects so

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-43363
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-05-08 15:16:47 UTC
Updated2026-05-08 15:16:47 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which may have been disabled by the kernel during boot either because it doesn't support IRQ remapping or for other reasons. This causes the kernel to continue using the xapic interface, while the hardware is in x2apic mode, which causes hangs. This happens on defconfig + bare metal + s2ram. Fix this in lapic_resume() by disabling x2apic if the kernel expects it to be disabled, i.e. when x2apic_mode = 0. The ACPI v6.6 spec, Section 16.3 [1] says firmware restores either the pre-sleep configuration or initial boot configuration for each CPU, including MSR state: When executing from the power-on reset vector as a result of waking from an S2 or S3 sleep state, the platform firmware performs only the hardware initialization required to restore the system to either the state the platform was in prior to the initial operating system boot, or to the pre-sleep configuration state. In multiprocessor systems, non-boot processors should be placed in the same state as prior to the initial operating system boot. (further ahead) If this is an S2 or S3 wake, then the platform runtime firmware restores minimum context of the system before jumping to the waking vector. This includes: CPU configuration. Platform runtime firmware restores the pre-sleep configuration or initial boot configuration of each CPU (MSR, MTRR, firmware update, SMBase, and so on). Interrupts must be disabled (for IA-32 processors, disabled by CLI instruction). (and other things) So at least as per the spec, re-enablement of x2apic by the firmware is allowed if "x2apic on" is a part of the initial boot configuration. [1] https://uefi.org/specs/ACPI/6.6/16_Waking_and_Sleeping.html#initialization [ bp: Massage. ]

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 6e1cb38a2aef7680975e71f23de187859ee8b158 a6ad6f2e31b524cbb66b2f370bad0cf17d327e6c git Not specified
CNA Linux Linux affected 6e1cb38a2aef7680975e71f23de187859ee8b158 3dd0812a7c764cd8f3b0182441ac22da0a7f3b09 git Not specified
CNA Linux Linux affected 6e1cb38a2aef7680975e71f23de187859ee8b158 965289b120cc68cca886c75219c68b8c15751d73 git Not specified
CNA Linux Linux affected 6e1cb38a2aef7680975e71f23de187859ee8b158 f591938072115bf08730b8530c67fab189cc6308 git Not specified
CNA Linux Linux affected 6e1cb38a2aef7680975e71f23de187859ee8b158 1a85f84214f9d790216547ac6086bf8033cd9e5a git Not specified
CNA Linux Linux affected 6e1cb38a2aef7680975e71f23de187859ee8b158 11712c4eb384098db4cb08792e223c818b908c1a git Not specified
CNA Linux Linux affected 6e1cb38a2aef7680975e71f23de187859ee8b158 1d8440c1e7c49715f937416ac90cf260f1f1712c git Not specified
CNA Linux Linux affected 6e1cb38a2aef7680975e71f23de187859ee8b158 8cc7dd77a1466f0ec58c03478b2e735a5b289b96 git Not specified
CNA Linux Linux affected 2.6.28 Not specified
CNA Linux Linux unaffected 2.6.28 semver Not specified
CNA Linux Linux unaffected 5.10.253 5.10.* semver Not specified
CNA Linux Linux unaffected 5.15.203 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.167 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.130 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.78 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.19 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.9 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/f591938072115bf08730b8530c67fab189cc6308 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/11712c4eb384098db4cb08792e223c818b908c1a 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/1d8440c1e7c49715f937416ac90cf260f1f1712c 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/3dd0812a7c764cd8f3b0182441ac22da0a7f3b09 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/8cc7dd77a1466f0ec58c03478b2e735a5b289b96 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/1a85f84214f9d790216547ac6086bf8033cd9e5a 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/a6ad6f2e31b524cbb66b2f370bad0cf17d327e6c 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/965289b120cc68cca886c75219c68b8c15751d73 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report