Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-46262— ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()

AI Predicted 5.5 Difficulty: Easy EPSS 0.09% · P1

Possible ATT&CK Techniques 1AI

T1055 · Process Injection

Affected Version Matrix 21

VendorProductVersion RangeStatus
LinuxLinux612ffe1f4f0499b3011f16d06e354a76dae2e2d1< ae5a70e3e87c28edbaf9939cfef1bcbd9615420faffected
38354c82abe7bcbcd1182a06af89d3cc16d3e2c7< 30ffcad5edb56947dccc26f6816ab7a55b21a711affected
61e007657bf7740d54ca2aadce0fb5997839818e< 29b2fbe3498da3681a01b34e4a2259f8a1b89448affected
daaf4fe333e0d48b2037cd2270bf1ff8f70d5068< b0f74f5d24fe3c73ef1369a811891198b54c1e8eaffected
cab928242853a832ffa7efda270ecfb9efeebb6e< 9a2a5da002775376498e8814df4a87cd629a3a0caffected
f514248727606b9087bc38a284ff686e0093abf1< 0886dc6326c3cc596799c4340d342898301cf52aaffected
f514248727606b9087bc38a284ff686e0093abf1< 9f16d96e1222391a6b996a1b676bec14fb91e3b2affected
5.15.201< 5.15.202affected
… +13 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-46262

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put() This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()"). The original patch attempted to acquire the card->controls_rwsem lock in fsl_xcvr_mode_put(). However, this function is called from the upper ALSA core function snd_ctl_elem_write(), which already holds the write lock on controls_rwsem for the whole put operation. So there is no need to simply hold the lock for fsl_xcvr_activate_ctl() again. Acquiring the read lock while holding the write lock in the same thread results in a deadlock and a hung task, as reported by Alexander Stein.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于ASoC fsl_xcvr模块在fsl_xcvr_mode_put函数中尝试获取已由上层ALSA核心持有的controls_rwsem写锁,可能导致死锁和挂起任务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 612ffe1f4f0499b3011f16d06e354a76dae2e2d1 ~ ae5a70e3e87c28edbaf9939cfef1bcbd9615420f -
LinuxLinux 6.19 -

II. Public POCs for CVE-2026-46262

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-46262

登录查看更多情报信息。

Patches & Fixes for CVE-2026-46262 (6)

Same Patch Batch · Linux · 2026-06-03 · 32 CVEs total

CVE-2026-462449.1 CRITICALnetfilter: nft_inner: Fix IPv6 inner_thoff desync
CVE-2026-462669.1 CRITICALinet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
CVE-2026-462648.8 HIGHdrm/xe/pf: Fix sysfs initialization
CVE-2026-462738.6 HIGHibmveth: Disable GSO for packets with small MSS
CVE-2026-462518.4 HIGHbtrfs: fix block_group_tree dirty_list corruption
CVE-2026-462708.4 HIGHpower: supply: rt9455: Fix use-after-free in power_supply_changed()
CVE-2026-462637.8 HIGHdrm/amd/display: Fix out-of-bounds stream encoder index v3
CVE-2026-462607.8 HIGHipv6: Fix out-of-bound access in fib6_add_rt2node().
CVE-2026-462597.8 HIGHprocfs: fix missing RCU protection when reading real_parent in do_task_stat()
CVE-2026-462717.8 HIGHwifi: ath12k: do WoW offloads only on primary link
CVE-2026-462537.8 HIGHpstore/ram: fix buffer overflow in persistent_ram_save_old()
CVE-2026-462657.5 HIGHRDMA/hns: Fix WQ_MEM_RECLAIM warning
CVE-2026-462507.3 HIGHMIPS: Work around LLVM bug when gp is used as global register variable
CVE-2025-71314drm/panthor: Recover from panthor_gpu_flush_caches() failures
CVE-2026-46245drm/amd/display: Fix dc_link NULL handling in HPD init
CVE-2025-71313PCI: endpoint: Add missing NULL check for alloc_workqueue()
CVE-2026-46246power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler
CVE-2026-46247clk: qcom: gfx3d: add parent to parent request map
CVE-2026-46248wifi: ath12k: clear stale link mapping of ahvif->links_map
CVE-2026-46249octeontx2-af: Fix PF driver crash with kexec kernel booting

Showing top 20 of 32 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2026-46262

No comments yet


Leave a comment