CVE-2026-53051

In the Linux kernel, the following vulnerability has been resolved:

PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on

When PERST# is deasserted twice (assert -> deassert -> assert -> deassert), a CBB (Control Backbone) timeout occurs at DBI register offset 0x8bc (PCIE MISC CONTROL 1 OFF). This happens because pci epc deinit notify() and dw pcie ep cleanup() are called before reset control deassert() powers on the controller core.

The call chain that causes the timeout:

pex ep event pex rst deassert() pci epc deinit notify() pci epf test epc deinit() pci epf test clear bar() pci epc clear bar() dw pcie ep clear bar() dw pcie ep reset bar() dw pcie dbi ro wr en() <- Accesses 0x8bc DBI register reset control deassert(pcie->core rst) <- Core powered on HERE

The DBI registers, including PCIE MISC CONTROL 1 OFF (0x8bc), are only accessible after the controller core is powered on via reset control deassert(pcie->core rst). Accessing them before this point results in a CBB timeout because the hardware is not yet operational.

Fix this by moving pci epc deinit notify() and dw pcie ep cleanup() to after reset control deassert(pcie->core rst), ensuring the controller is fully powered on before any DBI register accesses occur.