{"id":"CVE-2026-23091","summary":"intel_th: fix device leak on output open()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nintel_th: fix device leak on output open()\n\nMake sure to drop the reference taken when looking up the th device\nduring output device open() on errors and on close().\n\nNote that a recent commit fixed the leak in a couple of open() error\npaths but not all of them, and the reference is still leaking on\nsuccessful open().","modified":"2026-04-02T17:30:02.933167616Z","published":"2026-02-04T16:08:14.295Z","related":["SUSE-SU-2026:0962-1","SUSE-SU-2026:1081-1","SUSE-SU-2026:20667-1","SUSE-SU-2026:20720-1","SUSE-SU-2026:20838-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","SUSE-SU-2026:20931-1","openSUSE-SU-2026:20416-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23091.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0fca16c5591534cc1fec8b6181277ee3a3d0f26c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/64015cbf06e8bb75b81ae95b997e847b55280f7f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/95fc36a234da24bbc5f476f8104a5a15f99ed3e3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/af4b9467296b9a16ebc008147238070236982b6d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b71e64ef7ff9443835d1333e3e80ab1e49e5209f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bf7785434b5d05d940d936b78925080950bd54dd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f9b059bda4276f2bb72cb98ec7875a747f042ea2"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23091.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23091"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"39f4034693b7c7bd1fe4cb58c93259d600f55561"},{"fixed":"af4b9467296b9a16ebc008147238070236982b6d"},{"fixed":"64015cbf06e8bb75b81ae95b997e847b55280f7f"},{"fixed":"b71e64ef7ff9443835d1333e3e80ab1e49e5209f"},{"fixed":"bf7785434b5d05d940d936b78925080950bd54dd"},{"fixed":"0fca16c5591534cc1fec8b6181277ee3a3d0f26c"},{"fixed":"f9b059bda4276f2bb72cb98ec7875a747f042ea2"},{"fixed":"95fc36a234da24bbc5f476f8104a5a15f99ed3e3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23091.json"}}],"schema_version":"1.7.5"}