{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23190", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.985Z", "datePublished": "2026-02-14T16:27:18.203Z", "dateUpdated": "2026-05-11T22:02:04.082Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:02:04.082Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: amd: fix memory leak in acp3x pdm dma ops"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/soc/amd/renoir/acp3x-pdm-dma.c"], "versions": [{"version": "4a767b1d039a855c491c4853013804323c06f728", "lessThan": "9f23800c7eed06cb8ccae8a225f5e3d421b0d4cc", "status": "affected", "versionType": "git"}, {"version": "4a767b1d039a855c491c4853013804323c06f728", "lessThan": "d7ead6512650447a4cd6db774a2379acb259650c", "status": "affected", "versionType": "git"}, {"version": "4a767b1d039a855c491c4853013804323c06f728", "lessThan": "6d33640404968fe9f14a1252b337362b62fff490", "status": "affected", "versionType": "git"}, {"version": "4a767b1d039a855c491c4853013804323c06f728", "lessThan": "0e0120214b5dcb0bf6b2171bb4e68e38968b2861", "status": "affected", "versionType": "git"}, {"version": "4a767b1d039a855c491c4853013804323c06f728", "lessThan": "c9c14d2abe4c5546fcd3a7347fadc4aad2b308d8", "status": "affected", "versionType": "git"}, {"version": "4a767b1d039a855c491c4853013804323c06f728", "lessThan": "279cb9180510f7e13c3a4dfde8c16a8fbc7c5709", "status": "affected", "versionType": "git"}, {"version": "4a767b1d039a855c491c4853013804323c06f728", "lessThan": "7f67ba5413f98d93116a756e7f17cd2c1d6c2bd6", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/soc/amd/renoir/acp3x-pdm-dma.c"], "versions": [{"version": "5.8", "status": "affected"}, {"version": "0", "lessThan": "5.8", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.250", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.200", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.163", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.124", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.70", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.10", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "5.10.250"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "5.15.200"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "6.1.163"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "6.6.124"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "6.12.70"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "6.18.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/9f23800c7eed06cb8ccae8a225f5e3d421b0d4cc"}, {"url": "https://git.kernel.org/stable/c/d7ead6512650447a4cd6db774a2379acb259650c"}, {"url": "https://git.kernel.org/stable/c/6d33640404968fe9f14a1252b337362b62fff490"}, {"url": "https://git.kernel.org/stable/c/0e0120214b5dcb0bf6b2171bb4e68e38968b2861"}, {"url": "https://git.kernel.org/stable/c/c9c14d2abe4c5546fcd3a7347fadc4aad2b308d8"}, {"url": "https://git.kernel.org/stable/c/279cb9180510f7e13c3a4dfde8c16a8fbc7c5709"}, {"url": "https://git.kernel.org/stable/c/7f67ba5413f98d93116a756e7f17cd2c1d6c2bd6"}], "title": "ASoC: amd: fix memory leak in acp3x pdm dma ops", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5948D876-1EEE-4A85-B904-850676F5806E", "versionEndExcluding": "5.10.250", "versionStartIncluding": "5.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D16F6370-B70F-471C-8363-3A17B0BB1DA9", "versionEndExcluding": "5.15.200", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9C856E1-4308-4C0B-A973-7DD375DF66C4", "versionEndExcluding": "6.1.163", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "76183B9F-CABE-4E21-A3E3-F0EBF99DC3C7", "versionEndExcluding": "6.6.124", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3791390-0628-4808-99EF-1ED8ABF60933", "versionEndExcluding": "6.12.70", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7156C23F-009E-4D05-838C-A2DA417B5B8D", "versionEndExcluding": "6.18.10", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*", "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*", "matchCriteriaId": "F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*", "matchCriteriaId": "EB5B7DFC-C36B-45D8-922C-877569FDDF43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: amd: fix memory leak in acp3x pdm dma ops"}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nASoC: amd: correcci\u00f3n de fuga de memoria en las operaciones DMA de pdm acp3x"}], "id": "CVE-2026-23190", "lastModified": "2026-03-18T17:11:17.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-14T17:15:56.810", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0e0120214b5dcb0bf6b2171bb4e68e38968b2861"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/279cb9180510f7e13c3a4dfde8c16a8fbc7c5709"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6d33640404968fe9f14a1252b337362b62fff490"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7f67ba5413f98d93116a756e7f17cd2c1d6c2bd6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9f23800c7eed06cb8ccae8a225f5e3d421b0d4cc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c9c14d2abe4c5546fcd3a7347fadc4aad2b308d8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d7ead6512650447a4cd6db774a2379acb259650c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: ASoC: amd: fix memory leak in acp3x pdm dma ops", "id": "2439917", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439917"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2026-23190", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23190\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23190\nhttps://lore.kernel.org/linux-cve-announce/2026021433-CVE-2026-23190-0719@gregkh/T"], "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[4a767b1d039a855c491c4853013804323c06f728,9f23800c7eed06cb8ccae8a225f5e3d421b0d4cc)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[4a767b1d039a855c491c4853013804323c06f728,d7ead6512650447a4cd6db774a2379acb259650c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[4a767b1d039a855c491c4853013804323c06f728,6d33640404968fe9f14a1252b337362b62fff490)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[4a767b1d039a855c491c4853013804323c06f728,0e0120214b5dcb0bf6b2171bb4e68e38968b2861)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[4a767b1d039a855c491c4853013804323c06f728,c9c14d2abe4c5546fcd3a7347fadc4aad2b308d8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[4a767b1d039a855c491c4853013804323c06f728,279cb9180510f7e13c3a4dfde8c16a8fbc7c5709)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[4a767b1d039a855c491c4853013804323c06f728,7f67ba5413f98d93116a756e7f17cd2c1d6c2bd6)"}}], "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.8"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,5.8)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.10.250,5.11.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.15.200,5.16.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.1.163,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.124,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.70,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.10,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.19,*]"}}], "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-17T19:25:25.736039+00:00", "value": {"mitigation_remediation": ["Apply a newer kernel release (e.g., Linux 6.19 final or any later version) that contains the memory\u2011leak fix.", "If an immediate kernel upgrade is not feasible, unload or blacklist the acp3x pdm DMA ops module to prevent further memory usage until the patch is applied.", "Continuously monitor system memory usage and kernel logs for abnormal growth patterns that may indicate driver\u2011related leaks."], "summary": {"action": "Patch kernel", "impact": "memory leak leading to availability degradation"}, "threat_synthesis": {"affected_systems": "Affected are Linux kernel images starting from release candidate versions 6.19\u2011rc1 through 6.19\u2011rc8 (and any later kernels that include the same code path before the fix). Systems running these kernel builds and drivers that expose the acp3x pdm DMA operations may be impacted.", "description_and_impact": "The vulnerability is a memory leak in the Linux kernel's Advanced Linux Sound Architecture (ASoC) AMD driver, specifically in the acp3x pdm DMA operations. When the driver operates, it fails to release allocated memory, which can accumulate over time. If the leak is exploited or repeatedly triggered, system memory can be exhausted, resulting in degraded performance or a forced reboot, thus impacting availability. The weakness is a classic resource management flaw, identified as CWE-401.", "risk_and_exploitability": "The CVSS score of 5.5 classifies it as Medium severity. The EPSS score is less than 1\u202f%, indicating a very low likelihood of exploitation in the wild. The vulnerability is not listed in CISA\u2019s KEV catalog. Attackers would need local access to the system and permission to load or use the affected driver; it is not a remote attack vector. The impact mainly manifests as a denial\u2011of\u2011service condition if the resource leak is triggered repeatedly."}}}}, "created": "2026-02-16T09:43:44.623360+00:00", "updated": "2026-04-17T19:30:15.643553+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}