CVE-2026-23170

In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/4aaff8f6ab38f81e00ab8aa1fcfb7eb20cd87ba1	Patch
https://git.kernel.org/stable/c/52755c5680ce333b33d0750a200fbc99420ed2b2	Patch
https://git.kernel.org/stable/c/77365382585b40559d63538d09e26e4b2af28fbc	Patch
https://git.kernel.org/stable/c/9a15d3fdc22d48f597792aee0cf1bf0947fc62e6	Patch
https://git.kernel.org/stable/c/ca68745e820ecd210e3ab018497c9e6b69025c4b	Patch
https://git.kernel.org/stable/c/e535c23513c63f02f67e3e09e0787907029efeaf	Patch
https://git.kernel.org/stable/c/f212652982c6725986cfa42fbf10d1dfa92c010e	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc7::::::

History

18 Mar 2026, 14:57

Type	Values Removed	Values Added
First Time		Linux Linux linux Kernel
CPE		cpe:2.3:o:linux:linux_kernel:6.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.19:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc7::::::
References	~~() https://git.kernel.org/stable/c/4aaff8f6ab38f81e00ab8aa1fcfb7eb20cd87ba1 -~~	() https://git.kernel.org/stable/c/4aaff8f6ab38f81e00ab8aa1fcfb7eb20cd87ba1 - Patch
References	~~() https://git.kernel.org/stable/c/52755c5680ce333b33d0750a200fbc99420ed2b2 -~~	() https://git.kernel.org/stable/c/52755c5680ce333b33d0750a200fbc99420ed2b2 - Patch
References	~~() https://git.kernel.org/stable/c/77365382585b40559d63538d09e26e4b2af28fbc -~~	() https://git.kernel.org/stable/c/77365382585b40559d63538d09e26e4b2af28fbc - Patch
References	~~() https://git.kernel.org/stable/c/9a15d3fdc22d48f597792aee0cf1bf0947fc62e6 -~~	() https://git.kernel.org/stable/c/9a15d3fdc22d48f597792aee0cf1bf0947fc62e6 - Patch
References	~~() https://git.kernel.org/stable/c/ca68745e820ecd210e3ab018497c9e6b69025c4b -~~	() https://git.kernel.org/stable/c/ca68745e820ecd210e3ab018497c9e6b69025c4b - Patch
References	~~() https://git.kernel.org/stable/c/e535c23513c63f02f67e3e09e0787907029efeaf -~~	() https://git.kernel.org/stable/c/e535c23513c63f02f67e3e09e0787907029efeaf - Patch
References	~~() https://git.kernel.org/stable/c/f212652982c6725986cfa42fbf10d1dfa92c010e -~~	() https://git.kernel.org/stable/c/f212652982c6725986cfa42fbf10d1dfa92c010e - Patch
CWE		CWE-401
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

18 Feb 2026, 17:52

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: drm/imx/tve: solución a la fuga de dispositivo de sondeo Asegúrese de liberar la referencia tomada al dispositivo DDC durante el sondeo en caso de fallo del sondeo (p. ej., aplazamiento del sondeo) y al desvincular el controlador.

14 Feb 2026, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-14 16:15

Updated : 2026-03-18 14:57

NVD link : CVE-2026-23170

Mitre link : CVE-2026-23170

CVE.ORG link : CVE-2026-23170

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10