CVE-2026-23116
Awaiting Analysis Awaiting Analysis - Queue

BaseFortify

Vulnerability report for CVE-2026-23116, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-14

Last updated on: 2026-03-18

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu For i.MX8MQ platform, the ADB in the VPUMIX domain has no separate reset and clock enable bits, but is ungated and reset together with the VPUs. So we can't reset G1 or G2 separately, it may led to the system hang. Remove rst_mask and clk_mask of imx8mq_vpu_blk_ctl_domain_data. Let imx8mq_vpu_power_notifier() do really vpu reset.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-14
Last Modified
2026-03-18
Generated
2026-07-06
AI Q&A
2026-02-14
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 10 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel From 6.2 (inc) to 6.6.122 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.68 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.8 (exc)
linux linux_kernel 6.19
linux linux_kernel From 5.18 (inc) to 6.1.162 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability relates to the Linux kernel on the i.MX8MQ platform, specifically involving the VPUMIX domain's ADB (Advanced Debug Bridge). The issue arises because the ADB in this domain does not have separate reset and clock enable bits; instead, it is ungated and reset together with the VPUs (Video Processing Units). As a result, attempts to reset G1 or G2 separately can cause the system to hang. The fix involves removing the separate reset and clock masks and allowing the imx8mq_vpu_power_notifier() function to handle the VPU reset properly.

Impact Analysis

This vulnerability can lead to system hangs if the reset of certain components (G1 or G2) is attempted separately on the i.MX8MQ platform. Such system hangs can cause instability, crashes, or unresponsiveness in devices using this hardware and affected Linux kernel versions.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23116. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart