{"id":"CVE-2026-46018","summary":"ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES\n\nparse_uac2_sample_rate_range() caps the number of enumerated\nrates at MAX_NR_RATES, but it only breaks out of the current\nrate loop. A malformed UAC2 RANGE response with additional\ntriplets continues parsing the remaining triplets and repeatedly\nprints \"invalid uac2 rates\" while probe still holds\nregister_mutex.\n\nStop the whole parse once the cap is reached and return the\nnumber of rates collected so far.","modified":"2026-07-08T08:09:41.959886411Z","published":"2026-05-27T12:56:19.588Z","related":["openSUSE-SU-2026:10954-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46018.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0da05fedf5e1966b7e7d389866cb86fcf09f4b32"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3c318f97dcc50b2e0556a1813bd6958678e881fd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4d7893a137eadb6163ea4298bf67d74b811d76ef"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5436bc1b07d4656f99412dc72871d250d7d55205"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a0b78639ef09b2e77974a3de3b1c07f6de3c5e56"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ab5ba9fd138758ddc50222264ff246b31e397abf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ba036305323814ec1f8655313b2fa6a0f7048716"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f14bd323eec4b4f0ef662520ec852e593ece1d4c"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46018.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46018"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4fa0e81b83503900be277e6273a79651b375e288"},{"fixed":"5436bc1b07d4656f99412dc72871d250d7d55205"},{"fixed":"0da05fedf5e1966b7e7d389866cb86fcf09f4b32"},{"fixed":"f14bd323eec4b4f0ef662520ec852e593ece1d4c"},{"fixed":"ab5ba9fd138758ddc50222264ff246b31e397abf"},{"fixed":"ba036305323814ec1f8655313b2fa6a0f7048716"},{"fixed":"4d7893a137eadb6163ea4298bf67d74b811d76ef"},{"fixed":"a0b78639ef09b2e77974a3de3b1c07f6de3c5e56"},{"fixed":"3c318f97dcc50b2e0556a1813bd6958678e881fd"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"44f059fb742aac78cffdab5e0d8fe0c9910c1ded"},{"last_affected":"c25a53781f61c78bf2a2fa308bbd35b42ba346f6"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3.0.81"},{"fixed":"3.1"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3.2.47"},{"fixed":"3.3"}]}],"versions":["v3.2.46","v3.0.80","v3.2.45","v3.0.79","v3.0.78","v3.2.44","v3.0.77","v3.0.76","v3.0.75","v3.0.74","v3.2.43","v3.0.73","v3.0.72","v3.2.42","v3.0.71","v3.0.70","v3.2.41","v3.0.69","v3.2.40","v3.0.68","v3.2.39","v3.0.67","v3.0.66","v3.0.65","v3.2.38","v3.0.64","v3.0.63","v3.0.62","v3.2.37","v3.0.61","v3.0.60","v3.0.59","v3.0.58","v3.2.36","v3.0.57","v3.2.35","v3.0.56","v3.0.55","v3.2.34","v3.0.54","v3.0.53","v3.0.52","v3.0.51","v3.2.33","v3.0.50","v3.0.49","v3.2.32","v3.0.48","v3.0.47","v3.0.46","v3.2.31","v3.0.45","v3.2.30","v3.0.44","v3.0.43","v3.2.29","v3.0.42","v3.2.28","v3.0.41","v3.2.27","v3.0.40","v3.2.26","v3.0.39","v3.2.25","v3.2.24","v3.0.38","v3.2.23","v3.0.37","v3.0.36","v3.2.22","v3.2.21","v3.0.35","v3.2.20","v3.0.34","v3.2.19","v3.0.33","v3.0.32","v3.2.18","v3.0.31","v3.2.17","v3.2.16","v3.0.30","v3.0.29","v3.0.28","v3.2.15","v3.2.14","v3.0.27","v3.2.13","v3.0.26","v3.2.12","v3.0.25","v3.2.11","v3.0.24","v3.2","v3.2.10","v3.2.9","v3.0.23","v3.0.22","v3.2.8","v3.2.7","v3.0.21","v3.2.6","v3.2.5","v3.0.20","v3.2.4","v3.0.19","v3.2.3","v3.2.2","v3.0.18","v3.0.17","v3.2.1","v3.0.16","v3.2-rc4","v3.2-rc7","v3.0.15","v3.2-rc6","v3.2-rc5","v3.0.14","v3.0.13","v3.2-rc3","v3.1","v3.2-rc2","v3.0.12","v3.2-rc1","v3.0.11","v3.0.10","v3.0.9","v3.0.8","v3.1-rc1","v3.1-rc9","v3.1-rc8","v3.0.7","v3.1-rc10","v3.1-rc7","v3.0.6","v3.1-rc3","v3.1-rc2","v3.0.5","v3.0.4","v3.1-rc4","v3.1-rc5","v3.0","v3.1-rc6","v3.0.3","v3.0.2","v3.0.1","v3.0-rc7","v3.0-rc4","v3.0-rc6","v3.0-rc5","v3.0-rc3","v3.0-rc1","v2.6.39","v3.0-rc2","v2.6.38","v2.6.39-rc2","v2.6.39-rc7","v2.6.39-rc5","v2.6.39-rc1","v2.6.38-rc7","v2.6.39-rc6","v2.6.39-rc4","v2.6.39-rc3","v2.6.37","v2.6.38-rc1","v2.6.38-rc8","v2.6.38-rc2","v2.6.38-rc6","v2.6.38-rc5","v2.6.38-rc4","v2.6.38-rc3","v2.6.37-rc4","v2.6.37-rc2","v2.6.36","v2.6.37-rc5","v2.6.37-rc8","v2.6.37-rc7","v2.6.37-rc6","v2.6.37-rc1","v2.6.37-rc3","v2.6.36-rc6","v2.6.35-rc4","v2.6.36-rc8","v2.6.35","v2.6.36-rc7","v2.6.36-rc3","v2.6.36-rc5","v2.6.36-rc4","v2.6.36-rc2","v2.6.36-rc1","v2.6.35-rc5","v2.6.35-rc6","v2.6.34","v2.6.35-rc3","v2.6.35-rc1","v2.6.35-rc2","v2.6.34-rc7","v2.6.34-rc6","v2.6.34-rc5","v2.6.34-rc4","v2.6.34-rc3","v2.6.34-rc2","v2.6.34-rc1","v2.6.33","v2.6.33-rc6","v2.6.33-rc8","v2.6.33-rc4","v2.6.33-rc5","v2.6.33-rc3","v2.6.33-rc7","v2.6.33-rc2","v2.6.32","v2.6.33-rc1","v2.6.32-rc8","v2.6.32-rc7","v2.6.32-rc6","v2.6.31","v2.6.32-rc5","v2.6.32-rc4","v2.6.32-rc2","v2.6.32-rc1","v2.6.32-rc3","v2.6.31-rc9","v2.6.31-rc1","v2.6.31-rc7","v2.6.31-rc8","v2.6.31-rc6","v2.6.30-rc6","v2.6.30","v2.6.31-rc4","v2.6.31-rc5","v2.6.31-rc3","v2.6.31-rc2","v2.6.30-rc7","v2.6.30-rc8","v2.6.30-rc5","v2.6.30-rc3","v2.6.30-rc4","v2.6.30-rc1","v2.6.30-rc2","v2.6.29","v2.6.29-rc8","v2.6.29-rc7","v2.6.29-rc5","v2.6.29-rc1","v2.6.29-rc6","v2.6.29-rc4","v2.6.29-rc3","v2.6.29-rc2","v2.6.28","v2.6.28-rc7","v2.6.28-rc9","v2.6.28-rc8","v2.6.28-rc6","v2.6.28-rc5","v2.6.28-rc4","v2.6.28-rc2","v2.6.28-rc3","v2.6.28-rc1","v2.6.27","v2.6.27-rc7","v2.6.27-rc9","v2.6.27-rc8","v2.6.27-rc5","v2.6.27-rc6","v2.6.27-rc4","v2.6.27-rc1","v2.6.27-rc3","v2.6.27-rc2","v2.6.26","v2.6.26-rc9","v2.6.26-rc8","v2.6.26-rc3","v2.6.26-rc7","v2.6.26-rc6","v2.6.26-rc5","v2.6.26-rc4","v2.6.26-rc2","v2.6.26-rc1","v2.6.25","v2.6.25-rc7","v2.6.25-rc9","v2.6.25-rc8","v2.6.25-rc6","v2.6.25-rc5","v2.6.25-rc3","v2.6.25-rc4","v2.6.24","v2.6.25-rc2","v2.6.25-rc1","v2.6.24-rc8","v2.6.24-rc7","v2.6.24-rc6","v2.6.24-rc5","v2.6.24-rc4","v2.6.24-rc3","v2.6.24-rc2","v2.6.24-rc1","v2.6.23","v2.6.23-rc9","v2.6.23-rc8","v2.6.23-rc5","v2.6.23-rc7","v2.6.23-rc6","v2.6.23-rc4","v2.6.23-rc3","v2.6.23-rc2","v2.6.23-rc1","v2.6.22","v2.6.22-rc7","v2.6.22-rc6","v2.6.22-rc5","v2.6.22-rc4","v2.6.22-rc3","v2.6.22-rc2","v2.6.22-rc1","v2.6.21","v2.6.21-rc7","v2.6.21-rc6","v2.6.21-rc5","v2.6.21-rc4","v2.6.21-rc3","v2.6.21-rc2","v2.6.21-rc1","v2.6.20-rc7","v2.6.20-rc6","v2.6.20-rc5","v2.6.20-rc4","v2.6.20-rc3","v2.6.20-rc1","v2.6.20-rc2","v2.6.19-rc2","v2.6.18","v2.6.19-rc1","v2.6.18-rc6","v2.6.18-rc5","v2.6.18-rc3","v2.6.18-rc2","v2.6.18-rc1","v2.6.17","v2.6.17-rc4","v2.6.17-rc6","v2.6.17-rc5","v2.6.17-rc3","v2.6.17-rc2","v2.6.17-rc1","v2.6.16","v2.6.16-rc6","v2.6.16-rc4","v2.6.16-rc5","v2.6.16-rc3","v2.6.16-rc2","v2.6.16-rc1","v2.6.15-rc7","v2.6.15-rc5","v2.6.15-rc4","v2.6.15-rc2","v2.6.15-rc1","v2.6.14-rc3","v2.6.14-rc2","v2.6.14-rc1","v2.6.13","v2.6.13-rc7","v2.6.13-rc6","v2.6.13-rc5","v2.6.13-rc3","v2.6.13-rc4","v2.6.13-rc2","v2.6.13-rc1","v2.6.12-rc4","v2.6.12-rc3","v2.6.12-rc2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46018.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.3.0"},{"fixed":"5.10.258"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.209"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.175"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.140"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.86"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.27"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"7.0.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46018.json"}}],"schema_version":"1.7.5"}