A newly disclosed vulnerability in the Linux kernel's aqc111 USB Ethernet driver, tracked as CVE-2026-23446, has been patched after researchers identified a deadlock condition that could hang systems during suspend operations. The flaw, which carries a CVSS score of 5.5 (Medium), affects all Linux distributions using the driver prior to the fix.
The vulnerability was introduced in kernel version 5.12-rc1 and remained unpatched until the fix was merged. It specifically impacts the Aquantia AQC111U/AQC112U USB 3.0 to 5GbE Ethernet adapter driver, commonly used in high-performance networking setups where USB-connected Ethernet is required.
Technical Breakdown of the Deadlock
The core issue lies in the driver's suspend callback function, aqc111_suspend(). When the system enters a suspend state, this function attempts to acquire a mutex (pmutex) that protects the driver's data structures. However, the same mutex is already held by the USB core's suspend routine, creating a classic deadlock scenario.
In simplified terms, the driver's suspend handler tries to lock a resource that the caller (USB core) already holds. This results in the system hanging indefinitely during suspend, requiring a hard reset to recover. The deadlock can be triggered by any user with physical access to the USB device or by automated power management events.
Affected Systems and Impact
Any Linux system using the aqc111 driver with a kernel version between 5.12-rc1 and the patched version is vulnerable. This includes popular distributions like Ubuntu, Fedora, Debian, and Arch Linux, provided they use the in-tree driver. Users of the Aquantia AQC111U or AQC112U adapters are particularly at risk.
The practical impact is system unresponsiveness during suspend/resume cycles. While the vulnerability does not allow remote code execution or data theft, it can lead to data loss if unsaved work is affected by a forced reboot. System administrators managing servers or workstations with these adapters should prioritize patching.
The Fix: Proper Mutex Handling
The patch, authored by kernel developer Nikita Zhandarovich and reviewed by the USB networking maintainers, addresses the deadlock by restructuring the suspend path. Instead of acquiring the mutex directly, the driver now uses a workqueue to defer the mutex acquisition, ensuring it does not conflict with the USB core's lock.
Specifically, the fix moves the mutex-dependent operations to a separate worker thread that runs after the USB core has released its own locks. This approach, common in USB drivers, eliminates the circular wait condition.
Timeline of Discovery and Patching
- March 2021: The flawed code was introduced in kernel 5.12-rc1.
- October 2025: The vulnerability was reported to the Linux kernel security team.
- November 2025: A patch was developed and reviewed.
- December 2025: The fix was merged into the mainline kernel and backported to stable releases.
- January 2026: CVE-2026-23446 was publicly disclosed.
Recommendations for Users and Administrators
The most effective mitigation is to update to a patched kernel version. Users should check their distribution for updates containing the fix, which is identified by the commit hash c6e9d2a3b8f5 in the mainline kernel tree.
For those unable to update immediately, a workaround is to unload the aqc111 module before suspending the system:
sudo modprobe -r aqc111
This prevents the driver from participating in suspend operations, avoiding the deadlock. However, this disables the USB Ethernet adapter until the module is reloaded.
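To apply this workaround automatically on every suspend, the unload can be placed in a systemd sleep hook. The script below is an added example, not code from the kernel project or the original advisory; the install path, marker file and log tag are assumptions.

```shell
#!/bin/sh
# Added example: systemd sleep hook for the aqc111 unload workaround.
# Install path (assumption): /usr/lib/systemd/system-sleep/aqc111-unload
# systemd-sleep calls each hook with $1 = pre|post and $2 = the sleep type.

MODULE=aqc111
MODULES_FILE=${MODULES_FILE:-/proc/modules}        # overridable for testing
MARKER=${MARKER:-/run/aqc111-unloaded-for-sleep}   # hypothetical marker path

# True if the module is in the loaded-module list. The anchored pattern
# avoids matching lines where aqc111 only appears as a dependent.
module_loaded() {
    grep -q "^$MODULE " "$MODULES_FILE" 2>/dev/null
}

# Print the action for this phase: unload, reload, or none.
decide() {
    case "$1" in
        pre)  if module_loaded; then echo unload; else echo none; fi ;;
        post) if [ -e "$MARKER" ]; then echo reload; else echo none; fi ;;
        *)    echo none ;;
    esac
}

run_hook() {
    case "$(decide "$1")" in
        unload)
            # Remove the driver before the kernel calls its suspend callback.
            if modprobe -r "$MODULE"; then
                : > "$MARKER"
            else
                logger -t aqc111-sleep "could not unload $MODULE before $2"
            fi ;;
        reload)
            # Only restore what this hook removed.
            rm -f "$MARKER"
            modprobe "$MODULE" ||
                logger -t aqc111-sleep "reload of $MODULE failed" ;;
    esac
}

run_hook "${1:-}" "${2:-}"
```

The file must be executable for systemd-sleep to run it, and the hook can be deleted once a patched kernel is installed.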
Community and Industry Response
The Linux kernel community has praised the quick response to this vulnerability, noting that while the impact is limited to a specific driver, the fix demonstrates the robustness of the open-source development model. Distribution maintainers have already begun rolling out updates.
Conclusion
CVE-2026-23446 serves as a reminder that even seemingly minor driver bugs can have significant consequences for system stability. The aqc111 USB Ethernet deadlock highlights the importance of careful mutex handling in power management paths. Users are strongly advised to apply the kernel update to ensure reliable suspend/resume behavior with Aquantia USB Ethernet adapters.