CVE-2026-46146
EUVD-2026-3277328.05.2026, 10:16
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() The convert_chmap_v3() has a loop with its increment size of cs_desc->wLength, but we forgot to validate cs_desc->wLength itself, which may lead to potential endless loop by a malformed descriptor. Add a proper size check to abort the loop for plugging the hole.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.4.297 ≤ 𝑥 < 5.5 |
| linux | linux_kernel | 5.10.241 ≤ 𝑥 < 5.10.258 |
| linux | linux_kernel | 5.15.190 ≤ 𝑥 < 5.15.209 |
| linux | linux_kernel | 6.1.149 ≤ 𝑥 < 6.1.175 |
| linux | linux_kernel | 6.6.103 ≤ 𝑥 < 6.6.140 |
| linux | linux_kernel | 6.12.43 ≤ 𝑥 < 6.12.88 |
| linux | linux_kernel | 6.15.11 ≤ 𝑥 < 6.16 |
| linux | linux_kernel | 6.16.2 ≤ 𝑥 < 6.17 |
| linux | linux_kernel | 6.17.1 ≤ 𝑥 < 6.18.30 |
| linux | linux_kernel | 6.19 ≤ 𝑥 < 7.0.7 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17:rc2 |
| linux | linux_kernel | 6.17:rc3 |
| linux | linux_kernel | 6.17:rc4 |
| linux | linux_kernel | 6.17:rc5 |
| linux | linux_kernel | 6.17:rc6 |
| linux | linux_kernel | 6.17:rc7 |
| linux | linux_kernel | 7.1:rc1 |
𝑥
= Vulnerable software versions
Debian Releases
Common Weakness Enumeration
Vulnerability Media Exposure
References