CVE-2026-46146

Published: May 28, 2026Modified: Jun 10, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() The convert_chmap_v3() has a loop with its increment size of cs_desc->wLength, but we forgot to validate cs_desc->wLength itself, which may lead to potential endless loop by a malformed descriptor. Add a proper size check to abort the loop for plugging the hole.

Affected (18)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.10.241 to 5.10.258
Linux Linux Kernel	From 5.15.190 to 5.15.209
Linux Linux Kernel	From 5.4.297 to 5.5
Linux Linux Kernel	From 6.1.149 to 6.1.175
Linux Linux Kernel	From 6.12.43 to 6.12.88
Linux Linux Kernel	From 6.15.11 to 6.16
Linux Linux Kernel	From 6.16.2 to 6.17
Linux Linux Kernel	From 6.17.1 to 6.18.30
Linux Linux Kernel	From 6.19 to 7.0.7
Linux Linux Kernel	From 6.6.103 to 6.6.140
Linux Linux Kernel	Version 6.17
Linux Linux Kernel	Version 6.17 rc2
Linux Linux Kernel	Version 6.17 rc3
Linux Linux Kernel	Version 6.17 rc4
Linux Linux Kernel	Version 6.17 rc5
Linux Linux Kernel	Version 6.17 rc6
Linux Linux Kernel	Version 6.17 rc7
Linux Linux Kernel	Version 7.1 rc1