{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23170", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.982Z", "datePublished": "2026-02-14T16:01:32.833Z", "dateUpdated": "2026-05-11T22:01:40.668Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:01:40.668Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imx/tve: fix probe device leak\n\nMake sure to drop the reference taken to the DDC device during probe on\nprobe failure (e.g. probe deferral) and on driver unbind."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/imx/ipuv3/imx-tve.c"], "versions": [{"version": "fcbc51e54d2aa9d402206601f4894251049e5d77", "lessThan": "f212652982c6725986cfa42fbf10d1dfa92c010e", "status": "affected", "versionType": "git"}, {"version": "fcbc51e54d2aa9d402206601f4894251049e5d77", "lessThan": "52755c5680ce333b33d0750a200fbc99420ed2b2", "status": "affected", "versionType": "git"}, {"version": "fcbc51e54d2aa9d402206601f4894251049e5d77", "lessThan": "4aaff8f6ab38f81e00ab8aa1fcfb7eb20cd87ba1", "status": "affected", "versionType": "git"}, {"version": "fcbc51e54d2aa9d402206601f4894251049e5d77", "lessThan": "9a15d3fdc22d48f597792aee0cf1bf0947fc62e6", "status": "affected", "versionType": "git"}, {"version": "fcbc51e54d2aa9d402206601f4894251049e5d77", "lessThan": "77365382585b40559d63538d09e26e4b2af28fbc", "status": "affected", "versionType": "git"}, {"version": "fcbc51e54d2aa9d402206601f4894251049e5d77", "lessThan": "ca68745e820ecd210e3ab018497c9e6b69025c4b", "status": "affected", "versionType": "git"}, {"version": "fcbc51e54d2aa9d402206601f4894251049e5d77", "lessThan": "e535c23513c63f02f67e3e09e0787907029efeaf", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/imx/ipuv3/imx-tve.c"], "versions": [{"version": "3.10", "status": "affected"}, {"version": "0", "lessThan": "3.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.249", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.199", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.162", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.123", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.69", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.9", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "5.10.249"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "5.15.199"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "6.1.162"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "6.6.123"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "6.12.69"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "6.18.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f212652982c6725986cfa42fbf10d1dfa92c010e"}, {"url": "https://git.kernel.org/stable/c/52755c5680ce333b33d0750a200fbc99420ed2b2"}, {"url": "https://git.kernel.org/stable/c/4aaff8f6ab38f81e00ab8aa1fcfb7eb20cd87ba1"}, {"url": "https://git.kernel.org/stable/c/9a15d3fdc22d48f597792aee0cf1bf0947fc62e6"}, {"url": "https://git.kernel.org/stable/c/77365382585b40559d63538d09e26e4b2af28fbc"}, {"url": "https://git.kernel.org/stable/c/ca68745e820ecd210e3ab018497c9e6b69025c4b"}, {"url": "https://git.kernel.org/stable/c/e535c23513c63f02f67e3e09e0787907029efeaf"}], "title": "drm/imx/tve: fix probe device leak", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA9D1D05-1C8C-4322-9A41-41AB90AB4399", "versionEndExcluding": "5.10.249", "versionStartIncluding": "3.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A247FBA6-BEB9-484F-B892-DD5517949CCD", "versionEndExcluding": "5.15.199", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6579E0D4-0641-479D-A4C3-0EF618798C55", "versionEndExcluding": "6.1.162", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "316D8D4E-FE44-4C76-8403-63CAF51EEFC2", "versionEndExcluding": "6.6.123", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F0D11B0-A3DA-4D8F-89B9-CFD2094EBA37", "versionEndExcluding": "6.12.69", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "171CFCB2-8F49-4F9E-8A67-FAC6BF45B5A2", "versionEndExcluding": "6.18.9", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*", "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*", "matchCriteriaId": "F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imx/tve: fix probe device leak\n\nMake sure to drop the reference taken to the DDC device during probe on\nprobe failure (e.g. probe deferral) and on driver unbind."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ndrm/imx/tve: soluci\u00f3n a la fuga de dispositivo de sondeo\n\nAseg\u00farese de liberar la referencia tomada al dispositivo DDC durante el sondeo en caso de fallo del sondeo (p. ej., aplazamiento del sondeo) y al desvincular el controlador."}], "id": "CVE-2026-23170", "lastModified": "2026-03-18T14:57:32.293", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-14T16:15:57.247", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4aaff8f6ab38f81e00ab8aa1fcfb7eb20cd87ba1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/52755c5680ce333b33d0750a200fbc99420ed2b2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/77365382585b40559d63538d09e26e4b2af28fbc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9a15d3fdc22d48f597792aee0cf1bf0947fc62e6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ca68745e820ecd210e3ab018497c9e6b69025c4b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e535c23513c63f02f67e3e09e0787907029efeaf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f212652982c6725986cfa42fbf10d1dfa92c010e"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/imx/tve: fix probe device leak", "id": "2439912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439912"}, "csaw": false, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/imx/tve: fix probe device leak\nMake sure to drop the reference taken to the DDC device during probe on\nprobe failure (e.g. probe deferral) and on driver unbind."], "name": "CVE-2026-23170", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23170\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23170\nhttps://lore.kernel.org/linux-cve-announce/2026021421-CVE-2026-23170-7a51@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[fcbc51e54d2aa9d402206601f4894251049e5d77,f212652982c6725986cfa42fbf10d1dfa92c010e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[fcbc51e54d2aa9d402206601f4894251049e5d77,52755c5680ce333b33d0750a200fbc99420ed2b2)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[fcbc51e54d2aa9d402206601f4894251049e5d77,4aaff8f6ab38f81e00ab8aa1fcfb7eb20cd87ba1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[fcbc51e54d2aa9d402206601f4894251049e5d77,9a15d3fdc22d48f597792aee0cf1bf0947fc62e6)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[fcbc51e54d2aa9d402206601f4894251049e5d77,77365382585b40559d63538d09e26e4b2af28fbc)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[fcbc51e54d2aa9d402206601f4894251049e5d77,ca68745e820ecd210e3ab018497c9e6b69025c4b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[fcbc51e54d2aa9d402206601f4894251049e5d77,e535c23513c63f02f67e3e09e0787907029efeaf)"}}], "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.10"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,3.10)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.10.249,5.11.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.15.199,5.16.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.1.162,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.123,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.69,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.9,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.19,*]"}}], "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-17T19:30:05.787502+00:00", "value": {"mitigation_remediation": ["Upgrade the kernel to a version that includes the patch (any 6.19\u2011RC8 or later or the next stable release).", "If using a custom kernel, apply the patch to the drm/imx/tve source and rebuild the kernel before deployment.", "Disable or unload the DRM IMX TVE module on systems that do not require it to eliminate the lingering reference issue."], "summary": {"action": "Patch", "impact": "Memory Leak"}, "threat_synthesis": {"affected_systems": "It affects all Linux kernel source trees in the 6.19 release candidates (RC1 through RC7) that include the drm/imx/tve driver. The bug is present in any kernel built from those sources and has been fixed in the stable 6.19 release once the patch is applied. Systems running these kernels on devices that include the IMX TVE component are at risk, and users of distributions shipping those kernels should verify whether their kernel version is affected.", "description_and_impact": "The vulnerability is a memory leak in the DRM IMX TVE driver of the Linux kernel. During probe failure, the driver retains a reference to the DDC device, and it also fails to release the reference when the driver is unbound. This can lead to a gradual increase in kernel memory usage as repeated probe attempts or module reloads accumulate unreleased references, potentially degrading system performance or causing instability that could culminate in an out\u2011of\u2011memory condition.", "risk_and_exploitability": "The CVSS score is 5.5, indicating medium severity. The EPSS score is below 1%, so the likelihood of exploitation is very low. The vulnerability is not listed in CISA\u2019s Known Exploited Vulnerabilities catalog. The attack vector would be local: an attacker who can trigger the driver probe on a system that uses the affected kernel and includes the IMX TVE device. Since the flaw is a resource leak rather than an arbitrary code execution flaw, an attacker would need to induce repeated probe failures or unload/reload the driver, which requires elevated privileges or at least access to the device interface. This makes the risk lower unless the system is exposed to untrusted users or processes."}}}}, "created": "2026-02-16T09:44:18.953984+00:00", "title": "Kernel DRM IMX TVE Driver Probe Leak", "updated": "2026-04-17T19:30:15.649971+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}