VDB

CVE-2026-23197

CVE-2026-23197 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or >I2C_SMBUS_BLOCK_MAX, the length handler sets the state to IMX_I2C_STATE_FAILED. However, i2c_imx_master_isr() unconditionally overwrites this with IMX_I2C_STATE_READ_CONTINUE, causing an endless read loop that overruns buffers and crashes the system. Guard the state transition to preserve error states set by the length handler.

EPSS 0.02% · 5.6th percentile

Risk Scores

CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.02%
5.6th percentile

Affected Products

VendorProductVersions
LinuxLinux5f5c2d4579ca6836f5604cca979debd68ecfe23f, 5f5c2d4579ca6836f5604cca979debd68ecfe23f, 0
linuxlinux_kernel6.13, 6.13, 6.19

Timeline

  • Feb 14, 2026 CVE Published
  • Feb 14, 2026 PoC Published
  • Feb 15, 2026 EPSS Score
  • Feb 17, 2026 EPSS Score
  • Feb 19, 2026 EPSS Score
  • Feb 20, 2026 EPSS Score
  • Feb 22, 2026 EPSS Score
  • Feb 24, 2026 EPSS Score
  • Feb 26, 2026 EPSS Score
  • Feb 28, 2026 EPSS Score
  • Mar 2, 2026 EPSS Score
  • Mar 3, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›