{
  "affected": [
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:11",
        "name": "linux"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.10.257-1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:12",
        "name": "linux"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1.170-1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:13",
        "name": "linux"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.12.85-1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:14",
        "name": "linux"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.19.10-1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:11",
        "name": "linux-6.1"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1.170-1~deb11u1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "In the Linux kernel, the following vulnerability has been resolved:  PM: runtime: Fix a race condition related to device removal  The following code in pm_runtime_work() may dereference the dev-\u003eparent pointer after the parent device has been freed:  \t/* Maybe the parent is now able to suspend. */ \tif (parent \u0026\u0026 !parent-\u003epower.ignore_children) { \t\tspin_unlock(\u0026dev-\u003epower.lock);  \t\tspin_lock(\u0026parent-\u003epower.lock); \t\trpm_idle(parent, RPM_ASYNC); \t\tspin_unlock(\u0026parent-\u003epower.lock);  \t\tspin_lock(\u0026dev-\u003epower.lock); \t}  Fix this by inserting a flush_work() call in pm_runtime_remove().  Without this patch blktest block/001 triggers the following complaint sporadically:  BUG: KASAN: slab-use-after-free in lock_acquire+0x70/0x160 Read of size 1 at addr ffff88812bef7198 by task kworker/u553:1/3081 Workqueue: pm pm_runtime_work Call Trace:  \u003cTASK\u003e  dump_stack_lvl+0x61/0x80  print_address_description.constprop.0+0x8b/0x310  print_report+0xfd/0x1d7  kasan_report+0xd8/0x1d0  __kasan_check_byte+0x42/0x60  lock_acquire.part.0+0x38/0x230  lock_acquire+0x70/0x160  _raw_spin_lock+0x36/0x50  rpm_suspend+0xc6a/0xfe0  rpm_idle+0x578/0x770  pm_runtime_work+0xee/0x120  process_one_work+0xde3/0x1410  worker_thread+0x5eb/0xfe0  kthread+0x37b/0x480  ret_from_fork+0x6cb/0x920  ret_from_fork_asm+0x11/0x20  \u003c/TASK\u003e  Allocated by task 4314:  kasan_save_stack+0x2a/0x50  kasan_save_track+0x18/0x40  kasan_save_alloc_info+0x3d/0x50  __kasan_kmalloc+0xa0/0xb0  __kmalloc_noprof+0x311/0x990  scsi_alloc_target+0x122/0xb60 [scsi_mod]  __scsi_scan_target+0x101/0x460 [scsi_mod]  scsi_scan_channel+0x179/0x1c0 [scsi_mod]  scsi_scan_host_selected+0x259/0x2d0 [scsi_mod]  store_scan+0x2d2/0x390 [scsi_mod]  dev_attr_store+0x43/0x80  sysfs_kf_write+0xde/0x140  kernfs_fop_write_iter+0x3ef/0x670  vfs_write+0x506/0x1470  ksys_write+0xfd/0x230  __x64_sys_write+0x76/0xc0  x64_sys_call+0x213/0x1810  do_syscall_64+0xee/0xfc0  entry_SYSCALL_64_after_hwframe+0x4b/0x53  Freed by task 4314:  kasan_save_stack+0x2a/0x50  kasan_save_track+0x18/0x40  kasan_save_free_info+0x3f/0x50  __kasan_slab_free+0x67/0x80  kfree+0x225/0x6c0  scsi_target_dev_release+0x3d/0x60 [scsi_mod]  device_release+0xa3/0x220  kobject_cleanup+0x105/0x3a0  kobject_put+0x72/0xd0  put_device+0x17/0x20  scsi_device_dev_release+0xacf/0x12c0 [scsi_mod]  device_release+0xa3/0x220  kobject_cleanup+0x105/0x3a0  kobject_put+0x72/0xd0  put_device+0x17/0x20  scsi_device_put+0x7f/0xc0 [scsi_mod]  sdev_store_delete+0xa5/0x120 [scsi_mod]  dev_attr_store+0x43/0x80  sysfs_kf_write+0xde/0x140  kernfs_fop_write_iter+0x3ef/0x670  vfs_write+0x506/0x1470  ksys_write+0xfd/0x230  __x64_sys_write+0x76/0xc0  x64_sys_call+0x213/0x1810",
  "id": "DEBIAN-CVE-2026-23452",
  "modified": "2026-05-29T17:48:10.716216559Z",
  "published": "2026-04-03T16:16:31.617Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://security-tracker.debian.org/tracker/CVE-2026-23452"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "upstream": [
    "CVE-2026-23452"
  ]
}