In the Linux kernel, the following vulnerability has been resolved:
ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()
snd_ctl_elem_init_enum_names() advances pointer p through the names
buffer while decrementing buf_len. If buf_len reaches zero but items
remain, the next iteration calls strnlen(p, 0).
While strnlen(p, 0) returns 0 and would hit the existing name_len == 0
error path, CONFIG_FORTIFY_SOURCE's fortified strnlen() first checks
maxlen against __builtin_dynamic_object_size(). When Clang loses track
of p's object size inside the loop, this triggers a BRK exception panic
before the return value is examined.
Add a buf_len == 0 guard at the loop entry to prevent calling fortified
strnlen() on an exhausted buffer.
Found by kernel fuzz testing through Xiaomi Smartphone.
References
Configurations
Configuration 1 (hide)
|
History
25 Jun 2026, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| References | () https://git.kernel.org/stable/c/1fbe46d2b72754d8bd580e13e59ccb5d3d0e8cb0 - Patch | |
| References | () https://git.kernel.org/stable/c/654c818a69c21d2bea4e8fd9eae7da865df9a5c8 - Patch | |
| References | () https://git.kernel.org/stable/c/708f6ec9bcdf58bfd561409110baaf4fd3be4ea3 - Patch | |
| References | () https://git.kernel.org/stable/c/82012fd3e78a14360fbc2f1a7491589896704f97 - Patch | |
| References | () https://git.kernel.org/stable/c/8ba0214c3dd32b8ec652947e3f2bc5b8f6e6be9e - Patch | |
| References | () https://git.kernel.org/stable/c/a470f7cabc4df72d9bd132f5719a8717292bb440 - Patch | |
| References | () https://git.kernel.org/stable/c/bfcbb4994da9e979c4bcfcf24aaaac69e457e48e - Patch | |
| References | () https://git.kernel.org/stable/c/e0da8a8cac74f4b9f577979d131f0d2b88a84487 - Patch | |
| CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
| First Time |
Linux linux Kernel
Linux |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
01 Jun 2026, 17:17
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
27 May 2026, 14:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-05-27 14:17
Updated : 2026-06-25 21:15
NVD link : CVE-2026-46088
Mitre link : CVE-2026-46088
CVE.ORG link : CVE-2026-46088
JSON object : View
Products Affected
linux
- linux_kernel
CWE
