From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4369D477E51
	for <linux-cve-announce@vger.kernel.org>; Wed, 13 May 2026 15:09:23 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1778684964; cv=none; b=vF3/8L2XMzR8A1IEvdD4OQY3JYLDzB6UWVkizv9+Xy8S+D7PjWywRh4+oUzyncY3H8OwfABfeZWJpcEdYlOFvxG2XdLfXI1s59zOLef74itgX30Z+RA09VwDN8WbALiaZy04AXv5A3kDHkfNVaXH36d/zNXhZlC6TOhw8iuNCRE=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1778684964; c=relaxed/simple;
	bh=eKRFM4WfON4s70fpCXj+svujDTO+CYKKny1E5r3ZKa0=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=ggROLaZUObdr26qaKL3yQZXD2dep3DMiPIaYb9U2dxqwoOlKDp4P2BRzBH86eIh9n7bY3q5fHiqRX6YhqmL7gUtAfccqJlAKdU3e5+n8p2JR6hb7br9NAEXqigWXDjPqt0BfhbC6vu0+iTVg2RglD01H85jU3OFzIGOsEG93wCA=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=C3pnL29l; arc=none smtp.client-ip=10.30.226.201
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="C3pnL29l"
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 81C29C19425;
	Wed, 13 May 2026 15:09:23 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
	s=korg; t=1778684963;
	bh=eKRFM4WfON4s70fpCXj+svujDTO+CYKKny1E5r3ZKa0=;
	h=From:To:Cc:Subject:Date:Reply-To:From;
	b=C3pnL29lS2L7+g7A/KANT7XR/XCK/i1WqQBy+LDKAXIfSFLYYzlGQHVRicVYJSeqN
	 ctu7gLE/G4AZCn7/jlbma//6Z72Te0Mz1ygNyekK3iCHXdHiZDAhF969010fdrKhFP
	 FJjPbAU8Ns5JUiPP1/vFVdcxeX/7QwH4+QFOZu+o=
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-cve-announce@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@kernel.org>
Subject: CVE-2026-43485: nouveau/gsp: drop WARN_ON in ACPI probes
Date: Wed, 13 May 2026 17:08:53 +0200
Message-ID: <2026051349-CVE-2026-43485-1a35@gregkh>
X-Mailer: git-send-email 2.54.0
Reply-To: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
Precedence: bulk
X-Mailing-List: linux-cve-announce@vger.kernel.org
List-Id: <linux-cve-announce.vger.kernel.org>
List-Subscribe: <mailto:linux-cve-announce+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-cve-announce+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Developer-Signature: v=1; a=openpgp-sha256; l=2140; i=gregkh@linuxfoundation.org; h=from:subject:message-id; bh=gaJtpM15osuidrSSRH4FffRlKPaX4Nhj+LqbJvFZ0Ag=; b=owGbwMvMwCRo6H6F97bub03G02pJDFksUxgL9kTYNz/3WaR06/zzuAeXFDrSMlc4pt8xvKc4f 9mOtZ6zOmJZGASZGGTFFFm+bOM5ur/ikKKXoe1pmDmsTCBDGLg4BWAizCUM82PMl1XsqP4StIA/ PPeWcesx+W/cbQwL1qyNVFJ+fbGySsVmX0GhdUjyasMtAA==
X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29
Content-Transfer-Encoding: 8bit

From: Greg Kroah-Hartman <gregkh@kernel.org>

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

nouveau/gsp: drop WARN_ON in ACPI probes

These WARN_ONs seem to trigger a lot, and we don't seem to have a
plan to fix them, so just drop them, as they are most likely
harmless.

The Linux kernel CVE team has assigned CVE-2026-43485 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 6.7 with commit 176fdcbddfd288408ce8571c1760ad618d962096 and fixed in 6.18.19 with commit 214b6bde0e941a34ba877cf2f26f85d62fb5d598
	Issue introduced in 6.7 with commit 176fdcbddfd288408ce8571c1760ad618d962096 and fixed in 6.19.9 with commit d1c991c860496d97044802ea54b30f20db468c1d
	Issue introduced in 6.7 with commit 176fdcbddfd288408ce8571c1760ad618d962096 and fixed in 7.0 with commit 9478c166c46934160135e197b049b5a05753f2ad

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2026-43485
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/gsp.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/214b6bde0e941a34ba877cf2f26f85d62fb5d598
	https://git.kernel.org/stable/c/d1c991c860496d97044802ea54b30f20db468c1d
	https://git.kernel.org/stable/c/9478c166c46934160135e197b049b5a05753f2ad