ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()
Summary
| CVE | CVE-2026-46262 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-06-03 18:16:27 UTC |
| Updated | 2026-06-09 19:59:58 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put() This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()"). The original patch attempted to acquire the card->controls_rwsem lock in fsl_xcvr_mode_put(). However, this function is called from the upper ALSA core function snd_ctl_elem_write(), which already holds the write lock on controls_rwsem for the whole put operation. So there is no need to simply hold the lock for fsl_xcvr_activate_ctl() again. Acquiring the read lock while holding the write lock in the same thread results in a deadlock and a hung task, as reported by Alexander Stein. |
Risk And Classification
Primary CVSS: v3.1 5.5 MEDIUM from [email protected]
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.000910000 probability, percentile 0.006520000 (date 2026-06-16)
Problem Types: CWE-667
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
NoneAvailability
HighCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Operating System | Linux | Linux Kernel | 5.15.201 | All | All | All |
| Operating System | Linux | Linux Kernel | 6.1.164 | All | All | All |
| Operating System | Linux | Linux Kernel | 6.12.74 | All | All | All |
| Operating System | Linux | Linux Kernel | 6.18.13 | All | All | All |
| Operating System | Linux | Linux Kernel | 6.19 | - | All | All |
| Operating System | Linux | Linux Kernel | 6.6.127 | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected 612ffe1f4f0499b3011f16d06e354a76dae2e2d1 ae5a70e3e87c28edbaf9939cfef1bcbd9615420f git | Not specified |
| CNA | Linux | Linux | affected 38354c82abe7bcbcd1182a06af89d3cc16d3e2c7 30ffcad5edb56947dccc26f6816ab7a55b21a711 git | Not specified |
| CNA | Linux | Linux | affected 61e007657bf7740d54ca2aadce0fb5997839818e 29b2fbe3498da3681a01b34e4a2259f8a1b89448 git | Not specified |
| CNA | Linux | Linux | affected daaf4fe333e0d48b2037cd2270bf1ff8f70d5068 b0f74f5d24fe3c73ef1369a811891198b54c1e8e git | Not specified |
| CNA | Linux | Linux | affected cab928242853a832ffa7efda270ecfb9efeebb6e 9a2a5da002775376498e8814df4a87cd629a3a0c git | Not specified |
| CNA | Linux | Linux | affected f514248727606b9087bc38a284ff686e0093abf1 0886dc6326c3cc596799c4340d342898301cf52a git | Not specified |
| CNA | Linux | Linux | affected f514248727606b9087bc38a284ff686e0093abf1 9f16d96e1222391a6b996a1b676bec14fb91e3b2 git | Not specified |
| CNA | Linux | Linux | affected 5.15.201 5.15.202 semver | Not specified |
| CNA | Linux | Linux | affected 6.1.164 6.1.165 semver | Not specified |
| CNA | Linux | Linux | affected 6.6.127 6.6.128 semver | Not specified |
| CNA | Linux | Linux | affected 6.12.74 6.12.75 semver | Not specified |
| CNA | Linux | Linux | affected 6.18.13 6.18.14 semver | Not specified |
| CNA | Linux | Linux | affected 6.19 | Not specified |
| CNA | Linux | Linux | unaffected 6.19 semver | Not specified |
| CNA | Linux | Linux | unaffected 5.15.202 5.15.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.1.165 6.1.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.128 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.75 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.14 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.19.4 6.19.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/9f16d96e1222391a6b996a1b676bec14fb91e3b2 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/b0f74f5d24fe3c73ef1369a811891198b54c1e8e | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/0886dc6326c3cc596799c4340d342898301cf52a | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/9a2a5da002775376498e8814df4a87cd629a3a0c | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/29b2fbe3498da3681a01b34e4a2259f8a1b89448 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/30ffcad5edb56947dccc26f6816ab7a55b21a711 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/ae5a70e3e87c28edbaf9939cfef1bcbd9615420f | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.