CVE-2026-46018
ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES
Description
In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES

parse_uac2_sample_rate_range() caps the number of enumerated rates at MAX_NR_RATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional triplets continues parsing the remaining triplets and repeatedly prints "invalid uac2 rates" while probe still holds register_mutex. Stop the whole parse once the cap is reached and return the number of rates collected so far.
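As an added illustration (not the kernel's code or the patch itself), the C model below reproduces the control-flow difference the description refers to: a cap check whose break only leaves the inner per-triplet loop, beside one that ends the whole parse. It assumes the UAC2 RANGE layout (wNumSubRanges followed by 12-byte {dMIN, dMAX, dRES} triplets, little-endian), scales MAX_NR_RATES down, and omits the real parser's device-specific rate filtering and continuous-range handling; the malformed response is constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#define MAX_NR_RATES 16   /* the kernel's cap is larger; scaled down for the demo */
static uint32_t get_le32(const uint8_t *p) { return p[0] | (p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24); }
static void put_le32(uint8_t *p, uint32_t v) { p[0] = v; p[1] = v >> 8; p[2] = v >> 16; p[3] = v >> 24; }

/* Model of parse_uac2_sample_rate_range(): stop_whole_parse == 0 keeps the flawed
 * flow (break leaves only the inner loop), == 1 models the fix (return at the cap).
 * *err_msgs counts how often "invalid uac2 rates" would be logged during probe. */
static int parse_rates(const uint8_t *data, size_t len, int stop_whole_parse, int *err_msgs)
{
    int nr_rates = 0; *err_msgs = 0;
    int nr_triplets = len >= 2 ? (data[0] | (data[1] << 8)) : 0;   /* wNumSubRanges */
    if (len < 2 + 12 * (size_t)nr_triplets) return 0;              /* truncated response */
    for (int i = 0; i < nr_triplets; i++) {
        uint32_t min = get_le32(&data[2 + 12 * i]);                /* dMIN */
        uint32_t max = get_le32(&data[6 + 12 * i]);                /* dMAX */
        uint32_t res = get_le32(&data[10 + 12 * i]);               /* dRES */
        if (max < min) continue;
        for (uint64_t rate = min; rate <= max; rate += res) {      /* 64-bit: no wraparound */
            nr_rates++;                   /* the real code also records the rate here */
            if (nr_rates >= MAX_NR_RATES) {
                (*err_msgs)++;            /* usb_audio_err(chip, "invalid uac2 rates\n") */
                if (stop_whole_parse) return nr_rates;
                break;                    /* flawed: only this triplet's loop ends */
            }
            if (res == 0) break;          /* discrete rate: avoid an endless loop */
        }
    }
    return nr_rates;
}

/* Constructed malformed RANGE response: each sub-range alone exceeds the cap. */
static size_t build_descriptor(uint8_t *buf, int triplets)
{
    buf[0] = (uint8_t)triplets; buf[1] = 0;
    for (int i = 0; i < triplets; i++) {
        put_le32(&buf[2 + 12 * i], 8000);
        put_le32(&buf[6 + 12 * i], 10000);                         /* 1001 rates at step 2 */
        put_le32(&buf[10 + 12 * i], 2);
    }
    return 2 + 12 * (size_t)triplets;
}

int main(void)
{
    uint8_t buf[2 + 12 * 3]; int errs, n;
    size_t len = build_descriptor(buf, 3);
    n = parse_rates(buf, len, 0, &errs);
    printf("flawed: %d rates, %d error messages\n", n, errs);      /* 18 rates, 3 messages */
    n = parse_rates(buf, len, 1, &errs);
    printf("fixed:  %d rates, %d error messages\n", n, errs);      /* 16 rates, 1 message */
}
```

With the flawed flow every extra triplet produces another error line and the count keeps growing past the cap; with the fix the parse ends at the first cap hit.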
INFO
Published Date: May 27, 2026, 2:17 p.m.
Last Modified: June 1, 2026, 5:17 p.m.
Remotely Exploit: No
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Update the Linux kernel to a version that contains the fix.
- Ensure the parse_uac2_sample_rate_range function stops the whole parse once MAX_NR_RATES is reached and returns the rates collected so far.
- Test the patch to confirm that probe no longer hangs on a malformed UAC2 RANGE response.
The following table lists the changes that have been made to the
CVE-2026-46018 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (Jun. 01, 2026)
Action: Added | Type: Reference | Old Value: (none) | New Value: https://git.kernel.org/stable/c/0da05fedf5e1966b7e7d389866cb86fcf09f4b32
Action: Added | Type: Reference | Old Value: (none) | New Value: https://git.kernel.org/stable/c/5436bc1b07d4656f99412dc72871d250d7d55205
Action: Added | Type: Reference | Old Value: (none) | New Value: https://git.kernel.org/stable/c/f14bd323eec4b4f0ef662520ec852e593ece1d4c

New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (May. 27, 2026)
Action: Added | Type: Description | Old Value: (none) | New Value: In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES parse_uac2_sample_rate_range() caps the number of enumerated rates at MAX_NR_RATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional triplets continues parsing the remaining triplets and repeatedly prints "invalid uac2 rates" while probe still holds register_mutex. Stop the whole parse once the cap is reached and return the number of rates collected so far.
Action: Added | Type: Reference | Old Value: (none) | New Value: https://git.kernel.org/stable/c/3c318f97dcc50b2e0556a1813bd6958678e881fd
Action: Added | Type: Reference | Old Value: (none) | New Value: https://git.kernel.org/stable/c/4d7893a137eadb6163ea4298bf67d74b811d76ef
Action: Added | Type: Reference | Old Value: (none) | New Value: https://git.kernel.org/stable/c/a0b78639ef09b2e77974a3de3b1c07f6de3c5e56
Action: Added | Type: Reference | Old Value: (none) | New Value: https://git.kernel.org/stable/c/ab5ba9fd138758ddc50222264ff246b31e397abf
Action: Added | Type: Reference | Old Value: (none) | New Value: https://git.kernel.org/stable/c/ba036305323814ec1f8655313b2fa6a0f7048716