{"api_version":"1","generated_at":"2026-04-24T22:13:22+00:00","cve":"CVE-2026-31550","urls":{"html":"https://cve.report/CVE-2026-31550","api":"https://cve.report/api/cve/CVE-2026-31550.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-31550","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-31550"},"summary":{"title":"pmdomain: bcm: bcm2835-power: Increase ASB control timeout","description":"In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: bcm: bcm2835-power: Increase ASB control timeout\n\nThe bcm2835_asb_control() function uses a tight polling loop to wait\nfor the ASB bridge to acknowledge a request. During intensive workloads,\nthis handshake intermittently fails for V3D's master ASB on BCM2711,\nresulting in \"Failed to disable ASB master for v3d\" errors during\nruntime PM suspend. As a consequence, the failed power-off leaves V3D in\na broken state, leading to bus faults or system hangs on later accesses.\n\nAs the timeout is insufficient in some scenarios, increase the polling\ntimeout from 1us to 5us, which is still negligible in the context of a\npower domain transition. Also, replace the open-coded ktime_get_ns()/\ncpu_relax() polling loop with readl_poll_timeout_atomic().","state":"PUBLISHED","assigner":"Linux","published_at":"2026-04-24 15:16:29","updated_at":"2026-04-24 17:51:40"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/b826d2c0b0ecb844c84431ba6b502e744f5d919a","name":"https://git.kernel.org/stable/c/b826d2c0b0ecb844c84431ba6b502e744f5d919a","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/9443202d91388026dbf7312972a74fbfd27ee82f","name":"https://git.kernel.org/stable/c/9443202d91388026dbf7312972a74fbfd27ee82f","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/c5e734f6a0740dce92e7c919e632cb43fa5d4e53","name":"https://git.kernel.org/stable/c/c5e734f6a0740dce92e7c919e632cb43fa5d4e53","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/572f17180f26619809b8e0593d926762aa8660ff","name":"https://git.kernel.org/stable/c/572f17180f26619809b8e0593d926762aa8660ff","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/18605b1b936b66b1f34dcf8e9ad4f1fbcf7a7c13","name":"https://git.kernel.org/stable/c/18605b1b936b66b1f34dcf8e9ad4f1fbcf7a7c13","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/ea4fa54b83bb2e4a21e9026824bfe271b1a6ee1e","name":"https://git.kernel.org/stable/c/ea4fa54b83bb2e4a21e9026824bfe271b1a6ee1e","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/0e84e74849d2d7e9b23a09c2d5e0d9357db1ca59","name":"https://git.kernel.org/stable/c/0e84e74849d2d7e9b23a09c2d5e0d9357db1ca59","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/622ab02e955c35c125ff2b65d8327b2c52db8758","name":"https://git.kernel.org/stable/c/622ab02e955c35c125ff2b65d8327b2c52db8758","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-31550","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31550","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 670c672608a1ffcbc7ac0f872734843593bb8b15 0e84e74849d2d7e9b23a09c2d5e0d9357db1ca59 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 670c672608a1ffcbc7ac0f872734843593bb8b15 c5e734f6a0740dce92e7c919e632cb43fa5d4e53 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 670c672608a1ffcbc7ac0f872734843593bb8b15 622ab02e955c35c125ff2b65d8327b2c52db8758 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 670c672608a1ffcbc7ac0f872734843593bb8b15 9443202d91388026dbf7312972a74fbfd27ee82f git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 670c672608a1ffcbc7ac0f872734843593bb8b15 ea4fa54b83bb2e4a21e9026824bfe271b1a6ee1e git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 670c672608a1ffcbc7ac0f872734843593bb8b15 18605b1b936b66b1f34dcf8e9ad4f1fbcf7a7c13 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 670c672608a1ffcbc7ac0f872734843593bb8b15 572f17180f26619809b8e0593d926762aa8660ff git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 670c672608a1ffcbc7ac0f872734843593bb8b15 b826d2c0b0ecb844c84431ba6b502e744f5d919a git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 5.1","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.1 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.10.253 5.10.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.15.203 5.15.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.167 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.130 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12.78 6.12.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.20 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.19.10 6.19.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/pmdomain/bcm/bcm2835-power.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"0e84e74849d2d7e9b23a09c2d5e0d9357db1ca59","status":"affected","version":"670c672608a1ffcbc7ac0f872734843593bb8b15","versionType":"git"},{"lessThan":"c5e734f6a0740dce92e7c919e632cb43fa5d4e53","status":"affected","version":"670c672608a1ffcbc7ac0f872734843593bb8b15","versionType":"git"},{"lessThan":"622ab02e955c35c125ff2b65d8327b2c52db8758","status":"affected","version":"670c672608a1ffcbc7ac0f872734843593bb8b15","versionType":"git"},{"lessThan":"9443202d91388026dbf7312972a74fbfd27ee82f","status":"affected","version":"670c672608a1ffcbc7ac0f872734843593bb8b15","versionType":"git"},{"lessThan":"ea4fa54b83bb2e4a21e9026824bfe271b1a6ee1e","status":"affected","version":"670c672608a1ffcbc7ac0f872734843593bb8b15","versionType":"git"},{"lessThan":"18605b1b936b66b1f34dcf8e9ad4f1fbcf7a7c13","status":"affected","version":"670c672608a1ffcbc7ac0f872734843593bb8b15","versionType":"git"},{"lessThan":"572f17180f26619809b8e0593d926762aa8660ff","status":"affected","version":"670c672608a1ffcbc7ac0f872734843593bb8b15","versionType":"git"},{"lessThan":"b826d2c0b0ecb844c84431ba6b502e744f5d919a","status":"affected","version":"670c672608a1ffcbc7ac0f872734843593bb8b15","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["drivers/pmdomain/bcm/bcm2835-power.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"5.1"},{"lessThan":"5.1","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"5.10.*","status":"unaffected","version":"5.10.253","versionType":"semver"},{"lessThanOrEqual":"5.15.*","status":"unaffected","version":"5.15.203","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.167","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.130","versionType":"semver"},{"lessThanOrEqual":"6.12.*","status":"unaffected","version":"6.12.78","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.20","versionType":"semver"},{"lessThanOrEqual":"6.19.*","status":"unaffected","version":"6.19.10","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.0","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.10.253","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.203","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.167","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.130","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.78","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.20","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.19.10","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0","versionStartIncluding":"5.1","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: bcm: bcm2835-power: Increase ASB control timeout\n\nThe bcm2835_asb_control() function uses a tight polling loop to wait\nfor the ASB bridge to acknowledge a request. During intensive workloads,\nthis handshake intermittently fails for V3D's master ASB on BCM2711,\nresulting in \"Failed to disable ASB master for v3d\" errors during\nruntime PM suspend. As a consequence, the failed power-off leaves V3D in\na broken state, leading to bus faults or system hangs on later accesses.\n\nAs the timeout is insufficient in some scenarios, increase the polling\ntimeout from 1us to 5us, which is still negligible in the context of a\npower domain transition. Also, replace the open-coded ktime_get_ns()/\ncpu_relax() polling loop with readl_poll_timeout_atomic()."}],"providerMetadata":{"dateUpdated":"2026-04-24T14:33:17.508Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/0e84e74849d2d7e9b23a09c2d5e0d9357db1ca59"},{"url":"https://git.kernel.org/stable/c/c5e734f6a0740dce92e7c919e632cb43fa5d4e53"},{"url":"https://git.kernel.org/stable/c/622ab02e955c35c125ff2b65d8327b2c52db8758"},{"url":"https://git.kernel.org/stable/c/9443202d91388026dbf7312972a74fbfd27ee82f"},{"url":"https://git.kernel.org/stable/c/ea4fa54b83bb2e4a21e9026824bfe271b1a6ee1e"},{"url":"https://git.kernel.org/stable/c/18605b1b936b66b1f34dcf8e9ad4f1fbcf7a7c13"},{"url":"https://git.kernel.org/stable/c/572f17180f26619809b8e0593d926762aa8660ff"},{"url":"https://git.kernel.org/stable/c/b826d2c0b0ecb844c84431ba6b502e744f5d919a"}],"title":"pmdomain: bcm: bcm2835-power: Increase ASB control timeout","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-31550","datePublished":"2026-04-24T14:33:17.508Z","dateReserved":"2026-03-09T15:48:24.115Z","dateUpdated":"2026-04-24T14:33:17.508Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-24 15:16:29","lastModifiedDate":"2026-04-24 17:51:40","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"31550","Ordinal":"1","Title":"pmdomain: bcm: bcm2835-power: Increase ASB control timeout","CVE":"CVE-2026-31550","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"31550","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: bcm: bcm2835-power: Increase ASB control timeout\n\nThe bcm2835_asb_control() function uses a tight polling loop to wait\nfor the ASB bridge to acknowledge a request. During intensive workloads,\nthis handshake intermittently fails for V3D's master ASB on BCM2711,\nresulting in \"Failed to disable ASB master for v3d\" errors during\nruntime PM suspend. As a consequence, the failed power-off leaves V3D in\na broken state, leading to bus faults or system hangs on later accesses.\n\nAs the timeout is insufficient in some scenarios, increase the polling\ntimeout from 1us to 5us, which is still negligible in the context of a\npower domain transition. Also, replace the open-coded ktime_get_ns()/\ncpu_relax() polling loop with readl_poll_timeout_atomic().","Type":"Description","Title":"pmdomain: bcm: bcm2835-power: Increase ASB control timeout"}]}}}