CVE-2026-23170 in Linuxinfo

Summary

by MITRE • 02/14/2026

In the Linux kernel, the following vulnerability has been resolved:

drm/imx/tve: fix probe device leak

Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 05/05/2026

The vulnerability identified as CVE-2026-23170 resides within the Linux kernel's display subsystem, specifically affecting the imx tve driver component that manages television output for i.MX SoC platforms. This issue represents a resource management flaw that occurs during the device probe phase of driver initialization, where proper reference counting mechanisms fail to release acquired resources under certain failure conditions. The vulnerability is classified as a device reference leak that can lead to system resource exhaustion and potential stability issues in embedded systems utilizing i.MX hardware platforms.

The technical flaw manifests when the drm/imx/tve driver attempts to probe and initialize a television output device, specifically involving the DDC (Display Data Channel) device reference that is acquired during the probe sequence. When probe operations encounter failures such as probe deferral scenarios or driver unbind operations, the driver fails to properly drop the reference to the DDC device that was previously taken during the probe process. This reference leak occurs because the driver lacks proper error handling code to ensure that all acquired references are released regardless of whether the probe succeeds or fails. The issue is particularly concerning in embedded systems where resource constraints are tight and proper reference management is critical for system stability.

The operational impact of this vulnerability extends beyond simple resource leakage to potentially affect system reliability and performance in embedded Linux environments. When multiple probe failures occur or when the driver experiences repeated unbind operations, accumulated reference leaks can lead to progressive resource exhaustion, eventually causing system instability or complete driver failure. The vulnerability is particularly relevant in automotive, industrial, and IoT applications that utilize i.MX SoC platforms where continuous system operation and reliable display output are critical requirements. Attackers who can trigger repeated probe failures or force driver unbind operations could potentially exploit this vulnerability to cause denial of service conditions or system crashes.

Mitigation strategies for this vulnerability involve ensuring proper implementation of reference counting mechanisms within the driver code, specifically requiring that all acquired references to DDC devices are properly released during both successful probe completion and failure scenarios. System administrators should ensure that kernel updates containing the fix are applied promptly, particularly in production environments where stability is paramount. The fix typically involves implementing proper error handling paths that guarantee reference cleanup regardless of the probe outcome, aligning with best practices for kernel driver development and resource management. This vulnerability demonstrates the importance of comprehensive error handling and resource management in kernel space code, where improper reference counting can lead to system-wide stability issues. The issue relates to CWE-404, which addresses improper resource release or unbalanced resource management, and may be categorized under ATT&CK technique T1490 for resource exhaustion attacks that leverage improper resource management within system components.

Responsible

Linux

Reservation

01/13/2026

Disclosure

02/14/2026

Moderation

accepted

CPE

ready

EPSS

0.00115

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!