{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23470", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:46.021Z", "datePublished": "2026-04-03T15:15:49.507Z", "dateUpdated": "2026-05-11T22:07:40.188Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:07:40.188Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: Fix deadlock in soft reset sequence\n\nThe soft reset sequence is currently executed from the threaded IRQ\nhandler, hence it cannot call disable_irq() which internally waits\nfor IRQ handlers, i.e. itself, to complete.\n\nUse disable_irq_nosync() during a soft reset instead."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/imagination/pvr_power.c"], "versions": [{"version": "cc1aeedb98ad347c06ff59e991b2f94dfb4c565d", "lessThan": "f99e8b813ae5ce8ffd62c33f5753bf0a008af4b1", "status": "affected", "versionType": "git"}, {"version": "cc1aeedb98ad347c06ff59e991b2f94dfb4c565d", "lessThan": "9497b1f309436971726e229aa6026954ea7c28e9", "status": "affected", "versionType": "git"}, {"version": "cc1aeedb98ad347c06ff59e991b2f94dfb4c565d", "lessThan": "6f39b48a2d3b1fe83f99477250cd0cd67ca1e1c6", "status": "affected", "versionType": "git"}, {"version": "cc1aeedb98ad347c06ff59e991b2f94dfb4c565d", "lessThan": "a55c2a5c8d680156495b7b1e2a9f5a3e313ba524", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/imagination/pvr_power.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.78", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.20", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.10", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.12.78"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.18.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.19.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f99e8b813ae5ce8ffd62c33f5753bf0a008af4b1"}, {"url": "https://git.kernel.org/stable/c/9497b1f309436971726e229aa6026954ea7c28e9"}, {"url": "https://git.kernel.org/stable/c/6f39b48a2d3b1fe83f99477250cd0cd67ca1e1c6"}, {"url": "https://git.kernel.org/stable/c/a55c2a5c8d680156495b7b1e2a9f5a3e313ba524"}], "title": "drm/imagination: Fix deadlock in soft reset sequence", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: Fix deadlock in soft reset sequence\n\nThe soft reset sequence is currently executed from the threaded IRQ\nhandler, hence it cannot call disable_irq() which internally waits\nfor IRQ handlers, i.e. itself, to complete.\n\nUse disable_irq_nosync() during a soft reset instead."}], "id": "CVE-2026-23470", "lastModified": "2026-04-07T13:20:55.200", "metrics": {}, "published": "2026-04-03T16:16:34.630", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6f39b48a2d3b1fe83f99477250cd0cd67ca1e1c6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9497b1f309436971726e229aa6026954ea7c28e9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a55c2a5c8d680156495b7b1e2a9f5a3e313ba524"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f99e8b813ae5ce8ffd62c33f5753bf0a008af4b1"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: drm/imagination: Fix deadlock in soft reset sequence", "id": "2454836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454836"}, "csaw": false, "cwe": "CWE-833", "details": ["A flaw was found in the Linux kernel's `drm/imagination` driver. A local attacker could potentially trigger a deadlock condition during the soft reset sequence. This occurs because the soft reset sequence, when executed from a threaded Interrupt Request (IRQ) handler, attempts to disable IRQs while waiting for itself to complete. This can lead to a system hang or unresponsiveness, resulting in a Denial of Service (DoS)."], "name": "CVE-2026-23470", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23470\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23470\nhttps://lore.kernel.org/linux-cve-announce/2026040322-CVE-2026-23470-a491@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[cc1aeedb98ad347c06ff59e991b2f94dfb4c565d,f99e8b813ae5ce8ffd62c33f5753bf0a008af4b1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[cc1aeedb98ad347c06ff59e991b2f94dfb4c565d,9497b1f309436971726e229aa6026954ea7c28e9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[cc1aeedb98ad347c06ff59e991b2f94dfb4c565d,6f39b48a2d3b1fe83f99477250cd0cd67ca1e1c6)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[cc1aeedb98ad347c06ff59e991b2f94dfb4c565d,a55c2a5c8d680156495b7b1e2a9f5a3e313ba524)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.8"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.8)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.78,7.0.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.20,7.0.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.10,7.0.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0-rc5,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-07T10:36:52.417307+00:00", "value": {"mitigation_remediation": ["Install a Linux kernel update that includes the patched drm/imagination driver.", "If no update is available, apply the upstream patch that replaces calls to disable_irq() with disable_irq_nosync() in the soft reset code path.", "Verify that the patched code is present, for example by checking the source or using a package audit tool."], "summary": {"action": "Patch Kernel", "impact": "Kernel deadlock causing availability loss"}, "threat_synthesis": {"affected_systems": "Any Linux kernel image that contains the unpatched drm/imagination driver is potentially affected. The reference does not list a specific kernel version range, therefore any kernel built with this code prior to the patch may be vulnerable.", "description_and_impact": "The vulnerability exists in the DRM Imagination driver\u2019s soft reset routine of the Linux kernel. The routine runs from a threaded IRQ handler and mistakenly calls disable_irq(), which waits for IRQ handlers to finish, including itself, leading to a deadlock that stalls kernel execution and effectively renders the system unavailable until reboot.", "risk_and_exploitability": "EPSS is reported as less than 1\u202f%, indicating a low probability of exploitation. The CVE does not appear in the CISA KEV catalog. Because the documentation does not provide an attack vector, it is inferred that an attacker would need the ability to trigger the device\u2019s soft reset routine, which would typically require local privileged or kernel\u2011level access. The threat is predominantly a denial of service; no indication of confidentiality or integrity compromise is supplied."}}}}, "created": "2026-04-03T21:13:28.963895+00:00", "updated": "2026-04-08T19:53:39.450830+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}