{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-23091","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-01-13T15:37:45.962Z","datePublished":"2026-02-04T16:08:14.295Z","dateUpdated":"2026-05-11T21:59:49.573Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:59:49.573Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nintel_th: fix device leak on output open()\n\nMake sure to drop the reference taken when looking up the th device\nduring output device open() on errors and on close().\n\nNote that a recent commit fixed the leak in a couple of open() error\npaths but not all of them, and the reference is still leaking on\nsuccessful open()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hwtracing/intel_th/core.c"],"versions":[{"version":"39f4034693b7c7bd1fe4cb58c93259d600f55561","lessThan":"af4b9467296b9a16ebc008147238070236982b6d","status":"affected","versionType":"git"},{"version":"39f4034693b7c7bd1fe4cb58c93259d600f55561","lessThan":"64015cbf06e8bb75b81ae95b997e847b55280f7f","status":"affected","versionType":"git"},{"version":"39f4034693b7c7bd1fe4cb58c93259d600f55561","lessThan":"b71e64ef7ff9443835d1333e3e80ab1e49e5209f","status":"affected","versionType":"git"},{"version":"39f4034693b7c7bd1fe4cb58c93259d600f55561","lessThan":"bf7785434b5d05d940d936b78925080950bd54dd","status":"affected","versionType":"git"},{"version":"39f4034693b7c7bd1fe4cb58c93259d600f55561","lessThan":"0fca16c5591534cc1fec8b6181277ee3a3d0f26c","status":"affected","versionType":"git"},{"version":"39f4034693b7c7bd1fe4cb58c93259d600f55561","lessThan":"f9b059bda4276f2bb72cb98ec7875a747f042ea2","status":"affected","versionType":"git"},{"version":"39f4034693b7c7bd1fe4cb58c93259d600f55561","lessThan":"95fc36a234da24bbc5f476f8104a5a15f99ed3e3","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hwtracing/intel_th/core.c"],"versions":[{"version":"4.4","status":"affected"},{"version":"0","lessThan":"4.4","status":"unaffected","versionType":"semver"},{"version":"5.10.249","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.199","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.162","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.122","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.68","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.8","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"5.10.249"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"5.15.199"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"6.1.162"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"6.6.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"6.12.68"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"6.18.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"6.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/af4b9467296b9a16ebc008147238070236982b6d"},{"url":"https://git.kernel.org/stable/c/64015cbf06e8bb75b81ae95b997e847b55280f7f"},{"url":"https://git.kernel.org/stable/c/b71e64ef7ff9443835d1333e3e80ab1e49e5209f"},{"url":"https://git.kernel.org/stable/c/bf7785434b5d05d940d936b78925080950bd54dd"},{"url":"https://git.kernel.org/stable/c/0fca16c5591534cc1fec8b6181277ee3a3d0f26c"},{"url":"https://git.kernel.org/stable/c/f9b059bda4276f2bb72cb98ec7875a747f042ea2"},{"url":"https://git.kernel.org/stable/c/95fc36a234da24bbc5f476f8104a5a15f99ed3e3"}],"title":"intel_th: fix device leak on output open()","x_generator":{"engine":"bippy-1.2.0"}}}}