PT-2026-40684 · Linux · Linux
Published
2026-05-13
·
Updated
2026-05-13
·
CVE-2026-43477
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/vrr: Configure VRR timings after enabling TRANS DDI FUNC CTL
Apparently ICL may hang with an MCE if we write TRANS VRR VMAX/FLIPLINE
before enabling TRANS DDI FUNC CTL.
Personally I was only able to reproduce a hang (on an Dell XPS 7390
2-in-1) with an external display connected via a dock using a dodgy
type-C cable that made the link training fail. After the failed
link training the machine would hang. TGL seemed immune to the
problem for whatever reason.
BSpec does tell us to configure VRR after enabling TRANS DDI FUNC CTL
as well. The DMC firmware also does the VRR restore in two stages:
- first stage seems to be unconditional and includes TRANS VRR CTL and a few other VRR registers, among other things
- second stage is conditional on the DDI being enabled, and includes TRANS DDI FUNC CTL and TRANS VRR VMAX/VMIN/FLIPLINE, among other things
So let's reorder the steps to match to avoid the hang, and
toss in an extra WARN to make sure we don't screw this up later.
BSpec: 22243
(cherry picked from commit 93f3a267c3dd4d811b224bb9e179a10d81456a74)
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux