Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES

parse_uac2_sample_rate_range() caps the number of enumerated rates at MAX_NR_RATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional triplets continues parsing the remaining triplets and repeatedly prints "invalid uac2 rates" while probe still holds register_mutex.

Stop the whole parse once the cap is reached and return the number of rates collected so far.
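The control-flow difference described above, as an added userspace model (not the kernel's code and not part of this record): the same triplet loop with the cap handled by `break` versus by returning from the whole parse. The `MAX_NR_RATES` value of 1024, the `stop_at_cap` switch, `struct result`, `run_sample()` and the sample triplet values are assumptions made for the illustration, and the model leaves out the driver's rate table and its other range handling.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_NR_RATES 1024   /* assumed value of the driver's cap */
#define NR_TRIPLETS  8      /* size of the constructed sample */

struct result { int nr_rates; int warnings; };

static uint32_t get_le32(const uint8_t *p)
{
    return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* RANGE layout: wNumSubRanges (2 bytes), then 12-byte MIN/MAX/RES triplets. */
static struct result parse_ranges(const uint8_t *d, int n, int stop_at_cap)
{
    struct result r = { 0, 0 };
    for (int i = 0; i < n; i++) {
        uint32_t min = get_le32(&d[2 + 12 * i]);
        uint32_t max = get_le32(&d[6 + 12 * i]);
        uint32_t res = get_le32(&d[10 + 12 * i]);
        if (max < min) continue;
        for (uint64_t rate = min; rate <= max; rate += res) {
            if (++r.nr_rates >= MAX_NR_RATES) {
                r.warnings++;               /* stands in for "invalid uac2 rates" */
                if (stop_at_cap) return r;  /* fixed: end the whole parse */
                break;                      /* before: leaves only this triplet */
            }
            if (res == 0) break;            /* avoid an endless loop */
        }
    }
    return r;
}

/* Constructed input: 8 triplets of MIN=8000, MAX=200000, RES=100 (little-endian). */
static struct result run_sample(int stop_at_cap)
{
    static const uint8_t t[12] = { 0x40, 0x1f, 0, 0, 0x40, 0x0d, 0x03, 0, 100, 0, 0, 0 };
    uint8_t buf[2 + 12 * NR_TRIPLETS] = { NR_TRIPLETS, 0 };
    for (int i = 0; i < NR_TRIPLETS; i++)
        memcpy(&buf[2 + 12 * i], t, sizeof(t));
    return parse_ranges(buf, NR_TRIPLETS, stop_at_cap);
}

int main(void)
{
    printf("warnings before fix: %d, after: %d\n",
           run_sample(0).warnings, run_sample(1).warnings);
}
```

With `break` alone, every triplet after the cap is reached still costs one pass and one log line, so the work done scales with the device-supplied triplet count instead of stopping at the cap.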

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-06-01 | Assigner Linux

Product status

Default status
unaffected

4fa0e81b83503900be277e6273a79651b375e288 (git) before 5436bc1b07d4656f99412dc72871d250d7d55205
affected

4fa0e81b83503900be277e6273a79651b375e288 (git) before 0da05fedf5e1966b7e7d389866cb86fcf09f4b32
affected

4fa0e81b83503900be277e6273a79651b375e288 (git) before f14bd323eec4b4f0ef662520ec852e593ece1d4c
affected

4fa0e81b83503900be277e6273a79651b375e288 (git) before ab5ba9fd138758ddc50222264ff246b31e397abf
affected

4fa0e81b83503900be277e6273a79651b375e288 (git) before ba036305323814ec1f8655313b2fa6a0f7048716
affected

4fa0e81b83503900be277e6273a79651b375e288 (git) before 4d7893a137eadb6163ea4298bf67d74b811d76ef
affected

4fa0e81b83503900be277e6273a79651b375e288 (git) before a0b78639ef09b2e77974a3de3b1c07f6de3c5e56
affected

4fa0e81b83503900be277e6273a79651b375e288 (git) before 3c318f97dcc50b2e0556a1813bd6958678e881fd
affected

44f059fb742aac78cffdab5e0d8fe0c9910c1ded (git)
affected

c25a53781f61c78bf2a2fa308bbd35b42ba346f6 (git)
affected

3.0.81 (semver) before 3.1
affected

3.2.47 (semver) before 3.3
affected

Default status
affected

3.3
affected

Any version before 3.3
unaffected

5.10.258 (semver)
unaffected

5.15.209 (semver)
unaffected

6.1.175 (semver)
unaffected

6.6.140 (semver)
unaffected

6.12.86 (semver)
unaffected

6.18.27 (semver)
unaffected

7.0.4 (semver)
unaffected

7.1-rc1 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/5436bc1b07d4656f99412dc72871d250d7d55205

git.kernel.org/...c/0da05fedf5e1966b7e7d389866cb86fcf09f4b32

git.kernel.org/...c/f14bd323eec4b4f0ef662520ec852e593ece1d4c

git.kernel.org/...c/ab5ba9fd138758ddc50222264ff246b31e397abf

git.kernel.org/...c/ba036305323814ec1f8655313b2fa6a0f7048716

git.kernel.org/...c/4d7893a137eadb6163ea4298bf67d74b811d76ef

git.kernel.org/...c/a0b78639ef09b2e77974a3de3b1c07f6de3c5e56

git.kernel.org/...c/3c318f97dcc50b2e0556a1813bd6958678e881fd

cve.org (CVE-2026-46018)

nvd.nist.gov (CVE-2026-46018)