CVE-2026-23096 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: uacce: fix cdev handling in the cleanup path When cdev_device_add fails, it internally releases the cdev memory, and if cdev_device_del is then executed, it will cause a hang error. To fix it, we check the return value of cdev_device_add() and clear uacce->cdev to avoid calling cdev_device_del in the uacce_remove.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/98d67a1bd6caddd0a8b8c82a0b925742cf500936
https://git.kernel.org/stable/c/a3bece3678f6c88db1f44c602b2a63e84b4040ac
https://git.kernel.org/stable/c/bd2393ed7712513e7e2dbcb6e21464a67ff9e702
https://git.kernel.org/stable/c/d9031575a2f8aabc53af3025dd79af313a2e046b

History

Wed, 04 Feb 2026 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: uacce: fix cdev handling in the cleanup path When cdev_device_add fails, it internally releases the cdev memory, and if cdev_device_del is then executed, it will cause a hang error. To fix it, we check the return value of cdev_device_add() and clear uacce->cdev to avoid calling cdev_device_del in the uacce_remove.
Title		uacce: fix cdev handling in the cleanup path
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/98d67a1bd6caddd0a8b8c82a0b925742cf500936 https://git.kernel.org/stable/c/a3bece3678f6c88db1f44c602b2a63e84b4040ac https://git.kernel.org/stable/c/bd2393ed7712513e7e2dbcb6e21464a67ff9e702 https://git.kernel.org/stable/c/d9031575a2f8aabc53af3025dd79af313a2e046b

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-02-04T16:08:18.785Z

Updated: 2026-02-04T16:08:18.785Z

Reserved: 2026-01-13T15:37:45.964Z

Link: CVE-2026-23096

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-02-04T17:16:20.473

Modified: 2026-02-04T17:16:20.473

Link: CVE-2026-23096

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23096", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.964Z", "datePublished": "2026-02-04T16:08:18.785Z", "dateUpdated": "2026-02-04T16:08:18.785Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-02-04T16:08:18.785Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nuacce: fix cdev handling in the cleanup path\n\nWhen cdev_device_add fails, it internally releases the cdev memory,\nand if cdev_device_del is then executed, it will cause a hang error.\nTo fix it, we check the return value of cdev_device_add() and clear\nuacce->cdev to avoid calling cdev_device_del in the uacce_remove."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/misc/uacce/uacce.c"], "versions": [{"version": "015d239ac0142ad0e26567fd890ef8d171f13709", "lessThan": "d9031575a2f8aabc53af3025dd79af313a2e046b", "status": "affected", "versionType": "git"}, {"version": "015d239ac0142ad0e26567fd890ef8d171f13709", "lessThan": "98d67a1bd6caddd0a8b8c82a0b925742cf500936", "status": "affected", "versionType": "git"}, {"version": "015d239ac0142ad0e26567fd890ef8d171f13709", "lessThan": "bd2393ed7712513e7e2dbcb6e21464a67ff9e702", "status": "affected", "versionType": "git"}, {"version": "015d239ac0142ad0e26567fd890ef8d171f13709", "lessThan": "a3bece3678f6c88db1f44c602b2a63e84b4040ac", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/misc/uacce/uacce.c"], "versions": [{"version": "5.7", "status": "affected"}, {"version": "0", "lessThan": "5.7", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.122", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.68", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.8", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.6.122"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.12.68"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.18.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.19-rc7"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d9031575a2f8aabc53af3025dd79af313a2e046b"}, {"url": "https://git.kernel.org/stable/c/98d67a1bd6caddd0a8b8c82a0b925742cf500936"}, {"url": "https://git.kernel.org/stable/c/bd2393ed7712513e7e2dbcb6e21464a67ff9e702"}, {"url": "https://git.kernel.org/stable/c/a3bece3678f6c88db1f44c602b2a63e84b4040ac"}], "title": "uacce: fix cdev handling in the cleanup path", "x_generator": {"engine": "bippy-1.2.0"}}}}