Description
In the Linux kernel, the following vulnerability has been resolved:

ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path

The previous fix for handling the error from setup_card() missed that
an internal URB cdev->ep1_in_urb might have been already submitted
beforehand. In the normal case, this URB gets killed at the
disconnection, but in the error path, we didn't do it, hence there can
be a potential leak.

Fix it in the error path for setup_card(), too.
Published: 2026-05-27
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel's ALSA caiaq driver contains a flaw where an internal USB Request Block (URB), cdev->ep1_in_urb, may already have been submitted when the setup_card() function encounters an error. In the normal case this URB is killed at disconnection, but the error path did not kill it, so the resource can leak, consuming kernel memory and potentially degrading system stability or leading to a denial of service. This flaw is a kernel‑level resource management issue that can affect any system running the affected driver version.

Affected Systems

The issue is present in the ALSA caiaq driver of the Linux kernel. No specific kernel version range is listed, so all kernel releases that include this driver are potentially affected unless they carry the fix.

Risk and Exploitability

The CVSS score is not published, the EPSS score is unavailable, and the flaw is not listed in the CISA KEV catalog. The vulnerability requires local access to the ALSA caiaq driver and a scenario that triggers the setup_card() error path, which suggests a moderate exploitation likelihood. An attacker with the ability to cause the error could exhaust kernel memory or destabilise the system, but remote exploitation without privileged access is unlikely based on the available description.

Generated by OpenCVE AI on May 27, 2026 at 17:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to the latest stable release that contains the ALSA caiaq driver fix.
  • If an immediate kernel upgrade is not possible, prevent loading the caiaq driver for devices that could trigger the error path by adding a blacklist entry or disabling the relevant hardware.
  • Reboot the system after applying the patch or blacklist to ensure all driver instances are re‑initialized.



Advisories

No advisories yet.

History

Wed, 27 May 2026 17:30:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-401

Wed, 27 May 2026 14:15:00 +0000

Type | Values Removed | Values Added
Description | | In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path The previous fix for handling the error from setup_card() missed that an internal URB cdev->ep1_in_urb might have been already submitted beforehand. In the normal case, this URB gets killed at the disconnection, but in the error path, we didn't do it, hence there can be a potential leak. Fix it in the error path for setup_card(), too.
Title | | ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path
First Time appeared | | Linux; Linux linux Kernel
CPEs | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products | | Linux; Linux linux Kernel
References | |

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:55:45.563Z

Reserved: 2026-05-13T15:03:33.091Z

Link: CVE-2026-45992

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:16.747

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-45992

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T17:15:38Z

Weaknesses