CVE-2026-46049

MEDIUM EPSS 2.4%
Published May 27, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 27, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdif_passthru_playback_get_resources() uses atc->pll_rate as the RSR for the MSR calculation loop. However, pll_rate is only updated in atc_pll_init() and not in hw_pll_init(), so it remains 0 after the card init. When spdif_passthru_playback_setup() skips atc_pll_init() for 32000 Hz, (rsr * desc.msr) always becomes 0, causing the loop to spin indefinitely. Add fallback to use atc->rsr when atc->pll_rate is 0. This reflects the hardware state, since hw_card_init() already configures the PLL to the default RSR.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥2.6.31  –  <5.10.258
linuxlinux_kernel*≥5.11  –  <5.15.209
linuxlinux_kernel*≥5.16  –  <6.1.175
linuxlinux_kernel*≥6.2  –  <6.6.140
linuxlinux_kernel*≥6.7  –  <6.12.86
linuxlinux_kernel*≥6.13  –  <6.18.27
linuxlinux_kernel*≥6.19  –  <7.0.4

References 8

  • git.kernel.org https://git.kernel.org/stable/c/09496158f6ebba8830593f8972035c02f97124c1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25ded535ee261161bcf19dafd525c542e606559d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30f9494c6f2b53a78822cfb653ffbb1d092d44c8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/615b7a5e5d8be68d52f262579906f7e015ba4606
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7d61662197ecdc458e33e475b6ada7f6da61d364
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/95b1ee8442cabbde83b2848e7c6100df90f3a00d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0b53842211f73a10ea174100a213f7fa14b9f33
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dfc00979ff00d9dfdfa1df32144a272ee2728102
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/09496158f6ebba8830593f8972035c02f97124c1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25ded535ee261161bcf19dafd525c542e606559d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30f9494c6f2b53a78822cfb653ffbb1d092d44c8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/615b7a5e5d8be68d52f262579906f7e015ba4606
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7d61662197ecdc458e33e475b6ada7f6da61d364
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/95b1ee8442cabbde83b2848e7c6100df90f3a00d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0b53842211f73a10ea174100a213f7fa14b9f33
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dfc00979ff00d9dfdfa1df32144a272ee2728102
    Patch