Skip to main content

Linux CVE-2026-23470

| EUVDEUVD-2026-18740 MEDIUM
Improper Locking (CWE-667)
2026-04-03 Linux GHSA-6vrx-35fp-7whc
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
CVSS changed
May 26, 2026 - 14:37 NVD
5.5 (MEDIUM)
Patch available
Apr 16, 2026 - 05:29 EUVD
9497b1f309436971726e229aa6026954ea7c28e9,6f39b48a2d3b1fe83f99477250cd0cd67ca1e1c6
EUVD ID Assigned
Apr 03, 2026 - 15:30 euvd
EUVD-2026-18740
Analysis Generated
Apr 03, 2026 - 15:30 vuln.today
CVE Published
Apr 03, 2026 - 15:15 nvd
N/A

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

drm/imagination: Fix deadlock in soft reset sequence

The soft reset sequence is currently executed from the threaded IRQ handler, hence it cannot call disable_irq() which internally waits for IRQ handlers, i.e. itself, to complete.

Use disable_irq_nosync() during a soft reset instead.

AnalysisAI

Linux kernel drm/imagination driver deadlock in soft reset sequence allows local denial of service when the soft reset handler calls disable_irq() from within a threaded IRQ handler context, creating a self-deadlock condition. The fix replaces disable_irq() with disable_irq_nosync() to prevent the handler from waiting on itself. Affected systems running vulnerable kernel versions with imagination GPU drivers can experience system hangs during GPU reset operations; no public exploit code identified at time of analysis.

Technical ContextAI

The vulnerability exists in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically in the imagination GPU driver (drm/imagination). The root cause is a threading deadlock: the soft reset sequence executes within a threaded IRQ handler context, yet attempts to call disable_irq(), which internally waits for all IRQ handlers to complete. Since the calling code IS the IRQ handler, this creates a circular wait condition where the handler waits for itself to finish. The fix uses disable_irq_nosync() instead, which disables the IRQ without waiting for in-flight handlers. This is a classic synchronization issue in kernel driver code where context-aware IRQ manipulation is required.

RemediationAI

Apply the kernel patch by updating to a kernel version that includes one of the fix commits: f99e8b813ae5ce8ffd62c33f5753bf0a008af4b1, 9497b1f309436971726e229aa6026954ea7c28e9, 6f39b48a2d3b1fe83f99477250cd0cd67ca1e1c6, or a55c2a5c8d680156495b7b1e2a9f5a3e313ba524. These commits are available in the Linux kernel stable tree at https://git.kernel.org/stable/. Distributions should backport these commits to their LTS or stable kernel branches. Users unable to update immediately should avoid triggering GPU soft resets on imagination hardware; however, resets may occur automatically during GPU error recovery, making kernel update the practical remediation path. Verify drm/imagination driver is present in kernel configuration (check /boot/config or dmesg for 'imagination' references).

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
Image SLES-Azure-Basic Image SLES-EC2 Image SLES-Hardened-BYOS-Azure Image SLES-SAPCAL-Azure Affected
SUSE Linux Micro 6.2 Fixed
openSUSE Leap 16.0 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Affected
SUSE Linux Enterprise Live Patching 15 SP7 Affected

Share

CVE-2026-23470 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy