CVE-2026-31775

EUVD-2026-26588

01.05.2026, 15:16

In the Linux kernel, the following vulnerability has been resolved:

ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization

The recent refactoring of xfi driver changed the assignment of
atc->daios[] at atc_get_resources(); now it loops over all enum
DAIOTYP entries while it looped formerly only a part of them.
The problem is that the last entry, SPDIF1, is a special type that
is used only for hw20k1 CTSB073X model (as a replacement of SPDIFIO),
and there is no corresponding definition for hw20k2. Due to the lack
of the info, it caused a kernel crash on hw20k2, which was already
worked around by the commit b045ab3dff97 ("ALSA: ctxfi: Fix missing
SPDIFI1 index handling").

This patch addresses the root cause of the regression above properly,
simply by skipping the incorrect SPDIF1 type in the parser loop.

For making the change clearer, the code is slightly arranged, too.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.159-1 fixed
bookworm (security)	6.1.164-1 fixed
bullseye	5.10.223-1 fixed
bullseye (security)	5.10.251-3 fixed
forky	6.19.14-1 fixed
sid	7.0.3-1 fixed
trixie	6.12.73-1 fixed
trixie (security)	6.12.85-1 fixed

References

https://git.kernel.org/stable/c/75dc1980cf48826287e43dc7a49e310c6691f97e

https://git.kernel.org/stable/c/a79c4c42057818bd9de45d2627464b4f0e02196a