ALSA: hda/conexant: Fix missing error check for jack detection

Summary

CVECVE-2026-53291
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-06-26 20:17:21 UTC
Updated2026-06-30 14:44:27 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cx_probe(), the return value of snd_hda_jack_detect_enable_callback() is ignored. This function returns a pointer, and if it fails (e.g., due to memory allocation failure), it returns an error pointer which must be checked using IS_ERR(). If the registration fails, the driver continues to probe, but the jack detection callback will not be registered. This can lead to a kernel crash later when the driver attempts to handle jack events or accesses the uninitialized structure. Check the return value using IS_ERR() and propagate the error via PTR_ERR() to the probe caller.

Risk And Classification

EPSS: 0.001720000 probability, percentile 0.068830000 (date 2026-07-04)

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected f13b8cb5a6920ad98b751d3134686f29810577d4 49c2c5924552e1d2f8b635dee663abebbb7cf63b git Not specified
CNA Linux Linux affected 2cb659ef0ac744545499e7c37665b276d9e405da a2a33e87a2ffce3046c574d24eec4390c27c9365 git Not specified
CNA Linux Linux affected 24d748413cc4e1d97074bae1f335d32d30912f10 d68f753d89f4ef6e410d7e8b7e8ab2fdde921b80 git Not specified
CNA Linux Linux affected 7aeb259086487417f0fecf66e325bee133e8813a dd110cc00cf854a8ecd8d003127a4178c28574ea git Not specified
CNA Linux Linux affected 7aeb259086487417f0fecf66e325bee133e8813a f837c7b85143a7c54140ff41ad5c076b73cd9933 git Not specified
CNA Linux Linux affected 7aeb259086487417f0fecf66e325bee133e8813a 1da5c73f3793b224696617a2a21def7500ba18d6 git Not specified
CNA Linux Linux affected 7aeb259086487417f0fecf66e325bee133e8813a b0e2333a231107adedd38c6fcfe1adc6162716fc git Not specified
CNA Linux Linux affected 4a28302b2c681e3cf85e3b41231fff363c4c6a0e git Not specified
CNA Linux Linux affected 5.15.149 5.15.209 semver Not specified
CNA Linux Linux affected 6.1.77 6.1.175 semver Not specified
CNA Linux Linux affected 6.6.16 6.6.141 semver Not specified
CNA Linux Linux affected 6.7.4 6.8 semver Not specified
CNA Linux Linux affected 6.8 Not specified
CNA Linux Linux unaffected 6.8 semver Not specified
CNA Linux Linux unaffected 5.15.209 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.175 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.141 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.91 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.33 6.18.* semver Not specified
CNA Linux Linux unaffected 7.0.10 7.0.* semver Not specified
CNA Linux Linux unaffected 7.1 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/a2a33e87a2ffce3046c574d24eec4390c27c9365 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/b0e2333a231107adedd38c6fcfe1adc6162716fc 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/f837c7b85143a7c54140ff41ad5c076b73cd9933 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/d68f753d89f4ef6e410d7e8b7e8ab2fdde921b80 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/dd110cc00cf854a8ecd8d003127a4178c28574ea 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/49c2c5924552e1d2f8b635dee663abebbb7cf63b 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/1da5c73f3793b224696617a2a21def7500ba18d6 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report