CVE-2026-23090
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/02/2026
Last modified:
06/02/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
slimbus: core: fix device reference leak on report present<br />
<br />
Slimbus devices can be allocated dynamically upon reception of<br />
report-present messages.<br />
<br />
Make sure to drop the reference taken when looking up already registered<br />
devices.<br />
<br />
Note that this requires taking an extra reference in case the device has<br />
not yet been registered and has to be allocated.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/02b78bbfbafe49832e508079148cb87cdfa55825
- https://git.kernel.org/stable/c/2ddc09f6a0a221b1d91a7cbc8cc2cefdbd334fe6
- https://git.kernel.org/stable/c/54de72a7aabc0749938d7a2833a0c1a5d3ed7ac9
- https://git.kernel.org/stable/c/6602bb4d1338e92b5838e50322b87697bdbd2ee0
- https://git.kernel.org/stable/c/9391380eb91ea5ac792aae9273535c8da5b9aa01
- https://git.kernel.org/stable/c/948615429c9f2ac9d25d4e1f1a4472926b217a9a
- https://git.kernel.org/stable/c/b1217e40705b2f6d311c197b12866752656217ff