CVE-2026-23116

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the imx8m-blk-ctrl driver related to the handling of reset and clock control for the VPUMIX domain on i.MX8MQ platforms. Specifically, the ADB in the VPUMIX domain lacks separate reset and clock enable bits, and is ungated, being reset along with the VPUs. Attempting to reset G1 or G2 independently can lead to system hangs. The issue is addressed by removing the separate reset and clock masks, allowing the imx8mq vpu power notifier() function to handle the VPUs’ reset.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-23116

OPENSUSE-SU-2026:20416-1

SUSE-SU-2026:0962-1

SUSE-SU-2026:1081-1

SUSE-SU-2026:20667-1

SUSE-SU-2026:20720-1

SUSE-SU-2026:20838-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

SUSE-SU-2026:20931-1

SUSE-SU-2026:21284-1

USN-8278-1

USN-8289-1

USN-8296-1

Affected Products

Linux Kernel

Ubuntu

I.Mx8Mq

CVE-2026-23116

Related Identifiers

Affected Products

References · 1773