CVE-2026-46262

{"id": "CVE-2026-46262", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2026-06-03T18:16:27.513", "references": [{"url": "https://git.kernel.org/stable/c/0886dc6326c3cc596799c4340d342898301cf52a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/29b2fbe3498da3681a01b34e4a2259f8a1b89448", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/30ffcad5edb56947dccc26f6816ab7a55b21a711", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9a2a5da002775376498e8814df4a87cd629a3a0c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9f16d96e1222391a6b996a1b676bec14fb91e3b2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ae5a70e3e87c28edbaf9939cfef1bcbd9615420f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b0f74f5d24fe3c73ef1369a811891198b54c1e8e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-667"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()\n\nThis reverts commit f51424872760 (\"ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()\").\n\nThe original patch attempted to acquire the card->controls_rwsem lock in\nfsl_xcvr_mode_put(). However, this function is called from the upper ALSA\ncore function snd_ctl_elem_write(), which already holds the write lock on\ncontrols_rwsem for the whole put operation. So there is no need to simply\nhold the lock for fsl_xcvr_activate_ctl() again.\n\nAcquiring the read lock while holding the write lock in the same thread\nresults in a deadlock and a hung task, as reported by Alexander Stein."}], "lastModified": "2026-06-09T19:59:58.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "411B9362-5B74-4569-8450-50CAD50DE99C", "versionEndExcluding": "6.19.4", "versionStartIncluding": "6.19.1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15.201:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3873509D-CFDC-4039-9A16-64648274E54D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1.164:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8841C0DA-359F-4C10-8F51-9494CC682F61"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6.127:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F686B00-599C-4C3E-B874-A3725ADF8B50"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12.74:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E601D5F-7735-4B9F-B177-8317F642EC01"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.18.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FBB74D9-EA97-4AD2-B9D8-DC505C2E45DE"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35C8A871-4971-433E-A046-FC9F7B7D190A"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}