CVE-2026-23470
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/imagination: Fix deadlock in soft reset sequence
The soft reset sequence is currently executed from the threaded IRQ handler, hence it cannot call disable_irq() which internally waits for IRQ handlers, i.e. itself, to complete.
Use disable_irq_nosync() during a soft reset instead.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A deadlock in the Linux kernel's drm/imagination driver during soft reset, fixed by using disable_irq_nosync() instead of disable_irq().
The vulnerability is a deadlock in the drm/imagination driver's soft reset sequence in the Linux kernel. The soft reset is executed from a threaded IRQ handler, but the code calls disable_irq(), which internally waits for all IRQ handlers to complete, including itself, causing a deadlock [1].
To trigger this deadlock, an attacker would need to cause a soft reset on a PowerVR-based GPU. This could be achieved through specific driver operations that initiate a reset under normal usage, potentially leading to a system hang. No special privileges are required beyond the ability to interact with the DRM subsystem.
The impact is a denial of service as the deadlock hangs the system, requiring a reboot. The vulnerability does not appear to allow arbitrary code execution or privilege escalation based on the description.
The fix replaces disable_irq() with disable_irq_nosync() in the soft reset path, avoiding the self-deadlock. Patches are available in the stable kernel trees as referenced in the commit [1].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.