ALSA: ctxfi: Add fallback to default RSR for S/PDIF

Summary

CVE	CVE-2026-46049
State	PUBLISHED
Assigner	Linux
Source Priority	CVE Program / NVD first with legacy fallback
Published	2026-05-27 14:17:24 UTC
Updated	2026-06-01 17:17:21 UTC
Description	In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdif_passthru_playback_get_resources() uses atc->pll_rate as the RSR for the MSR calculation loop. However, pll_rate is only updated in atc_pll_init() and not in hw_pll_init(), so it remains 0 after the card init. When spdif_passthru_playback_setup() skips atc_pll_init() for 32000 Hz, (rsr * desc.msr) always becomes 0, causing the loop to spin indefinitely. Add fallback to use atc->rsr when atc->pll_rate is 0. This reflects the hardware state, since hw_card_init() already configures the PLL to the default RSR.

Risk And Classification

EPSS: 0.000320000 probability, percentile 0.097350000 (date 2026-06-04)

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Linux	Linux	affected 8cc72361481f00253f1e468ade5795427386d593 d0b53842211f73a10ea174100a213f7fa14b9f33 git	Not specified
CNA	Linux	Linux	affected 8cc72361481f00253f1e468ade5795427386d593 615b7a5e5d8be68d52f262579906f7e015ba4606 git	Not specified
CNA	Linux	Linux	affected 8cc72361481f00253f1e468ade5795427386d593 dfc00979ff00d9dfdfa1df32144a272ee2728102 git	Not specified
CNA	Linux	Linux	affected 8cc72361481f00253f1e468ade5795427386d593 25ded535ee261161bcf19dafd525c542e606559d git	Not specified
CNA	Linux	Linux	affected 8cc72361481f00253f1e468ade5795427386d593 30f9494c6f2b53a78822cfb653ffbb1d092d44c8 git	Not specified
CNA	Linux	Linux	affected 8cc72361481f00253f1e468ade5795427386d593 09496158f6ebba8830593f8972035c02f97124c1 git	Not specified
CNA	Linux	Linux	affected 8cc72361481f00253f1e468ade5795427386d593 95b1ee8442cabbde83b2848e7c6100df90f3a00d git	Not specified
CNA	Linux	Linux	affected 8cc72361481f00253f1e468ade5795427386d593 7d61662197ecdc458e33e475b6ada7f6da61d364 git	Not specified
CNA	Linux	Linux	affected 2.6.31	Not specified
CNA	Linux	Linux	unaffected 2.6.31 semver	Not specified
CNA	Linux	Linux	unaffected 5.10.258 5.10.* semver	Not specified
CNA	Linux	Linux	unaffected 5.15.209 5.15.* semver	Not specified
CNA	Linux	Linux	unaffected 6.1.175 6.1.* semver	Not specified
CNA	Linux	Linux	unaffected 6.6.140 6.6.* semver	Not specified
CNA	Linux	Linux	unaffected 6.12.86 6.12.* semver	Not specified
CNA	Linux	Linux	unaffected 6.18.27 6.18.* semver	Not specified
CNA	Linux	Linux	unaffected 7.0.4 7.0.* semver	Not specified
CNA	Linux	Linux	unaffected 7.1-rc1 * original_commit_for_fix	Not specified

References

Reference	Source	Link	Tags
git.kernel.org/stable/c/30f9494c6f2b53a78822cfb653ffbb1d092d44c8	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/7d61662197ecdc458e33e475b6ada7f6da61d364	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/09496158f6ebba8830593f8972035c02f97124c1	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/615b7a5e5d8be68d52f262579906f7e015ba4606	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/d0b53842211f73a10ea174100a213f7fa14b9f33	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/dfc00979ff00d9dfdfa1df32144a272ee2728102	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/95b1ee8442cabbde83b2848e7c6100df90f3a00d	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/25ded535ee261161bcf19dafd525c542e606559d	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.