{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-23090","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-01-13T15:37:45.962Z","datePublished":"2026-02-04T16:08:13.438Z","dateUpdated":"2026-05-11T21:59:48.426Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:59:48.426Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: core: fix device reference leak on report present\n\nSlimbus devices can be allocated dynamically upon reception of\nreport-present messages.\n\nMake sure to drop the reference taken when looking up already registered\ndevices.\n\nNote that this requires taking an extra reference in case the device has\nnot yet been registered and has to be allocated."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/slimbus/core.c"],"versions":[{"version":"46a2bb5a7f7ea2728be50f8f5b29a20267f700fe","lessThan":"b1217e40705b2f6d311c197b12866752656217ff","status":"affected","versionType":"git"},{"version":"46a2bb5a7f7ea2728be50f8f5b29a20267f700fe","lessThan":"948615429c9f2ac9d25d4e1f1a4472926b217a9a","status":"affected","versionType":"git"},{"version":"46a2bb5a7f7ea2728be50f8f5b29a20267f700fe","lessThan":"02b78bbfbafe49832e508079148cb87cdfa55825","status":"affected","versionType":"git"},{"version":"46a2bb5a7f7ea2728be50f8f5b29a20267f700fe","lessThan":"2ddc09f6a0a221b1d91a7cbc8cc2cefdbd334fe6","status":"affected","versionType":"git"},{"version":"46a2bb5a7f7ea2728be50f8f5b29a20267f700fe","lessThan":"54de72a7aabc0749938d7a2833a0c1a5d3ed7ac9","status":"affected","versionType":"git"},{"version":"46a2bb5a7f7ea2728be50f8f5b29a20267f700fe","lessThan":"6602bb4d1338e92b5838e50322b87697bdbd2ee0","status":"affected","versionType":"git"},{"version":"46a2bb5a7f7ea2728be50f8f5b29a20267f700fe","lessThan":"9391380eb91ea5ac792aae9273535c8da5b9aa01","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/slimbus/core.c"],"versions":[{"version":"4.16","status":"affected"},{"version":"0","lessThan":"4.16","status":"unaffected","versionType":"semver"},{"version":"5.10.249","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.199","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.162","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.122","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.68","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.8","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"5.10.249"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"5.15.199"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.1.162"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.6.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.12.68"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.18.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/b1217e40705b2f6d311c197b12866752656217ff"},{"url":"https://git.kernel.org/stable/c/948615429c9f2ac9d25d4e1f1a4472926b217a9a"},{"url":"https://git.kernel.org/stable/c/02b78bbfbafe49832e508079148cb87cdfa55825"},{"url":"https://git.kernel.org/stable/c/2ddc09f6a0a221b1d91a7cbc8cc2cefdbd334fe6"},{"url":"https://git.kernel.org/stable/c/54de72a7aabc0749938d7a2833a0c1a5d3ed7ac9"},{"url":"https://git.kernel.org/stable/c/6602bb4d1338e92b5838e50322b87697bdbd2ee0"},{"url":"https://git.kernel.org/stable/c/9391380eb91ea5ac792aae9273535c8da5b9aa01"}],"title":"slimbus: core: fix device reference leak on report present","x_generator":{"engine":"bippy-1.2.0"}}}}