CVE-2026-23116

MEDIUM

Linux Kernel 5.18.0-6.1.161, 6.2.0-6.6.121, 6.7.0-6.12.67, 6.13.0-6.18.7 - Denial of Service via VPU Reset Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu For i.MX8MQ platform, the ADB in the VPUMIX domain has no separate reset and clock enable bits, but is ungated and reset together with the VPUs. So we can't reset G1 or G2 separately, it may led to the system hang. Remove rst_mask and clk_mask of imx8mq_vpu_blk_ctl_domain_data. Let imx8mq_vpu_power_notifier() do really vpu reset.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/8859e336d233e61a4c40d40dc6a9f21e8b9b719c

Patch

https://git.kernel.org/stable/c/cad7003d951e8899db58ee2fef211586af726f09

Patch

https://git.kernel.org/stable/c/5c56a6f4b5a4f87c094c92a30fa17e28e37ec2ab

Patch

https://git.kernel.org/stable/c/fd675de6bddf7e9bdf42ae3929d4c27ba6d1ef76

Patch

https://git.kernel.org/stable/c/3de49966499634454fd59e0e6fecd50baab7febd

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (18)

linux/Kernel 5.18.0 - 6.1.162linux

linux/Kernel 6.13.0 - 6.18.8linux

linux/Kernel 6.2.0 - 6.6.122linux

linux/Kernel 6.7.0 - 6.12.68linux

Linux/Linux < 5.18

Linux/Linux 5.18

Linux/Linux 6.1.162 - 6.1.*

Linux/Linux 6.12.68 - 6.12.*

Linux/Linux 6.18.8 - 6.18.*

Linux/Linux 6.19

... and 8 more

Published Feb 14, 2026

Tracked Since Feb 18, 2026