CVE-2026-46262
EUVD-2026-3412403.06.2026, 18:16
In the Linux kernel, the following vulnerability has been resolved:
ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()
This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()").
The original patch attempted to acquire the card->controls_rwsem lock in
fsl_xcvr_mode_put(). However, this function is called from the upper ALSA
core function snd_ctl_elem_write(), which already holds the write lock on
controls_rwsem for the whole put operation. So there is no need to simply
hold the lock for fsl_xcvr_activate_ctl() again.
Acquiring the read lock while holding the write lock in the same thread
results in a deadlock and a hung task, as reported by Alexander Stein.EnginsightAffected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.19.1 ≤ 𝑥 < 6.19.4 |
| linux | linux_kernel | 5.15.201 |
| linux | linux_kernel | 6.1.164 |
| linux | linux_kernel | 6.6.127 |
| linux | linux_kernel | 6.12.74 |
| linux | linux_kernel | 6.18.13 |
| linux | linux_kernel | 6.19 |
𝑥
= Vulnerable software versions
Debian Releases
Common Weakness Enumeration
Vulnerability Media Exposure
References