Description
In the Linux kernel, the following vulnerability has been resolved:

drm/imagination: Fix deadlock in soft reset sequence

The soft reset sequence is currently executed from the threaded IRQ
handler, hence it cannot call disable_irq() which internally waits
for IRQ handlers, i.e. itself, to complete.

Use disable_irq_nosync() during a soft reset instead.
Published: 2026-04-03
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Kernel deadlock causing availability loss
Action: Patch Kernel
AI Analysis

Impact

The vulnerability exists in the DRM Imagination driver’s soft reset routine of the Linux kernel. The routine runs from a threaded IRQ handler and mistakenly calls disable_irq(), which waits for IRQ handlers to finish, including itself, leading to a deadlock that stalls kernel execution and effectively renders the system unavailable until reboot.

Affected Systems

Any Linux kernel image that contains the unpatched drm/imagination driver is potentially affected. The reference does not list a specific kernel version range, therefore any kernel built with this code prior to the patch may be vulnerable.

Risk and Exploitability

EPSS is reported as less than 1 %, indicating a low probability of exploitation. The CVE does not appear in the CISA KEV catalog. Because the documentation does not provide an attack vector, it is inferred that an attacker would need the ability to trigger the device’s soft reset routine, which would typically require local privileged or kernel‑level access. The threat is predominantly a denial of service; no indication of confidentiality or integrity compromise is supplied.

Generated by OpenCVE AI on April 7, 2026 at 10:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install a Linux kernel update that includes the patched drm/imagination driver.
  • If no update is available, apply the upstream patch that replaces calls to disable_irq() with disable_irq_nosync() in the soft reset code path.
  • Verify that the patched code is present, for example by checking the source or using a package audit tool.

Generated by OpenCVE AI on April 7, 2026 at 10:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6238-1 linux security update
History

Tue, 07 Apr 2026 08:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-551

Sat, 04 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-833
References

Fri, 03 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-551

Fri, 03 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix deadlock in soft reset sequence The soft reset sequence is currently executed from the threaded IRQ handler, hence it cannot call disable_irq() which internally waits for IRQ handlers, i.e. itself, to complete. Use disable_irq_nosync() during a soft reset instead.
Title drm/imagination: Fix deadlock in soft reset sequence
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:07:40.188Z

Reserved: 2026-01-13T15:37:46.021Z

Link: CVE-2026-23470

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-03T16:16:34.630

Modified: 2026-04-07T13:20:55.200

Link: CVE-2026-23470

cve-icon Redhat

Severity :

Publid Date: 2026-04-03T00:00:00Z

Links: CVE-2026-23470 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:53:39Z

Weaknesses