CVE-2024-36026: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-36026 affects the Linux kernel's AMD graphics driver, specifically the power management component for SMU v13.0.4/11. The vulnerability was discovered and disclosed on May 30, 2024, and involves a random system hang during S4 (hibernate) state transitions. The issue affects various Linux distributions and kernel versions that use the AMD graphics driver with the specified SMU version (NVD).

The vulnerability occurs when performing multiple S4 (hibernate) stress tests, where the Graphics Controller (GC), Run List Controller (RLC), and Power Management Firmware (PMFW) can enter an invalid state, resulting in hard system hangs. The issue is specifically related to the state transition handling in the AMD driver's power management component. The fix involves adding a Graphics (GFX) reset as a workaround just before sending the MP1_UNLOAD message to prevent the components from entering an invalid state (Kernel Commit).

When exploited, this vulnerability can cause system stability issues, specifically resulting in hard hangs during S4 (hibernate) operations. This primarily affects systems using AMD graphics hardware with SMU v13.0.4/11, potentially disrupting system operation and requiring a hard reset to recover (NVD).

The issue has been fixed in the Linux kernel through a patch that implements a GFX reset workaround. The fix has been integrated into various kernel versions and distributions. Ubuntu 24.04 LTS (Noble) has fixed the issue in version 6.8.0-38.38, and similar fixes have been applied to other kernel variants. Users are advised to update their systems to the patched versions (Ubuntu Security).