VYPR
Medium severity5.5NVD Advisory· Published Jun 3, 2026· Updated Jun 9, 2026

CVE-2026-46262

CVE-2026-46262

Description

In the Linux kernel, the following vulnerability has been resolved:

ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()

This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()").

The original patch attempted to acquire the card->controls_rwsem lock in fsl_xcvr_mode_put(). However, this function is called from the upper ALSA core function snd_ctl_elem_write(), which already holds the write lock on controls_rwsem for the whole put operation. So there is no need to simply hold the lock for fsl_xcvr_activate_ctl() again.

Acquiring the read lock while holding the write lock in the same thread results in a deadlock and a hung task, as reported by Alexander Stein.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • Linux/Kernel8 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.19.1,<6.19.4
    • cpe:2.3:o:linux:linux_kernel:5.15.201:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.1.164:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.12.74:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.18.13:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.19:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.6.127:*:*:*:*:*:*:*
    • (no CPE)
  • osv-coords
    Range: < 5.15.202

Patches

Vulnerability mechanics

References

7

News mentions

1