CVE-2026-23186

CWE-667CWE-8337 documents7 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 96.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify() The acpi_power_meter driver's .notify() callback function, acpi_power_meter_notify(), calls hwmon_device_unregister() under a lock that is also acquired by callbacks in sysfs attributes of the device being unregistered which is prone to deadlocks between sysfs access and device removal. Address this by moving the hwmon device removal in acpi_power_me

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel6.156.18.10+1
CVEListV5linux/linux16746ce8adfe04f9ff8df75c1133286ba93c0e178860ddf0e07be37169d4ef9f2618e39fca934a66+2
Debianlinux< 6.18.10-1

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-2m65-7fpj-78p9: In the Linux kernel, the following vulnerability has been resolved: hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify() The2026-02-14
OSV
CVE-2026-23186: In the Linux kernel, the following vulnerability has been resolved: hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify() The a2026-02-14
CVEList
hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify()2026-02-14

📋Vendor Advisories

2
Red Hat
kernel: hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify()2026-02-14
Debian
CVE-2026-23186: linux - In the Linux kernel, the following vulnerability has been resolved: hwmon: (acp...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23186 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23186 (MEDIUM CVSS 5.5) | In the Linux kernel | cvebase.io