CVE-2024-26918

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a bogus requirement added for runtime PM managed devices to be in the RPM ACTIVE state for PME polling. In fact, only devices in low power states should be polled. There is still a requirement for the device config space to be accessible, which affects both the polled device and the parent bridge. The bridge must be in the RPM ACTIVE state to maintain accessibility during polling. This resolves a regression where a Thunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint downstream of a bridge in a D3hot power state.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.