CVE-2026-23091

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue where a reference to a 'th' device is leaked during output device open operations, both on errors and when closing the device. A prior commit addressed the leak in some error paths, but the reference continues to leak upon successful open operations. The issue involves failing to drop the reference taken when looking up the 'th' device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

CVE-2026-23091

ECHO-09DC-060C-7741

OPENSUSE-SU-2026:20416-1

SUSE-SU-2026:0962-1

SUSE-SU-2026:1081-1

SUSE-SU-2026:20667-1

SUSE-SU-2026:20720-1

SUSE-SU-2026:20838-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

SUSE-SU-2026:20931-1

SUSE-SU-2026:21284-1

USN-8162-1

USN-8177-1

USN-8177-2

USN-8180-1

USN-8180-2

USN-8180-3

USN-8180-4

USN-8180-5

USN-8180-6

USN-8183-1

USN-8183-2

USN-8186-1

USN-8187-1

USN-8188-1

USN-8243-1

USN-8245-1

USN-8257-1

USN-8275-1

USN-8278-1

USN-8278-2

USN-8289-1

USN-8289-2

USN-8296-1

USN-8296-2

USN-8297-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

CVE-2026-23091

Weakness Enumeration

Related Identifiers

Affected Products

References · 2234