-

CVE-2026-52963

ALSA: usb-audio: Bound MIDI endpoint descriptor scans

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Bound MIDI endpoint descriptor scans

snd_usbmidi_get_ms_info() validates the internal MIDIStreaming endpoint
descriptor size before using baAssocJackID[], but the descriptor walker can
still return a class-specific endpoint descriptor whose bLength exceeds the
remaining bytes in the endpoint-extra scan.

That leaves later flexible-array reads bounded by bLength, but not by the
remaining bytes in the endpoint-extra scan.

Stop walking when bLength is zero or
extends past the remaining endpoint-extra scan.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version 5c6cd7021a05a02fcf37f360592d7c18d4d807fb
Version < e2f1260a056eb3215c13c48c5378f3e4112dc3af
Status affected
Version 5c6cd7021a05a02fcf37f360592d7c18d4d807fb
Version < c65b137d351e21cbc5630e73ef0eb1e1d75f5b20
Status affected
Version 5c6cd7021a05a02fcf37f360592d7c18d4d807fb
Version < 728ab0c72e49ca27185067984cd565425eb69b2e
Status affected
Version 5c6cd7021a05a02fcf37f360592d7c18d4d807fb
Version < 3d3b2b01a3e73828e201ece96f863e7a3e0cdc6e
Status affected
Version 5c6cd7021a05a02fcf37f360592d7c18d4d807fb
Version < a0226560540c16717efcceaf15c862cf115b01d3
Status affected
Version 5c6cd7021a05a02fcf37f360592d7c18d4d807fb
Version < 09141583bd97f4bbd7358e29fd138fe798467cdb
Status affected
Version 5c6cd7021a05a02fcf37f360592d7c18d4d807fb
Version < c59159ce10e75b568cd0d4b29efcb0fb0ddecc94
Status affected
Version 5c6cd7021a05a02fcf37f360592d7c18d4d807fb
Version < d6854daa67be623860f4e1873fd3d3c275aba4ed
Status affected
Version 9e0c71f2f633b0442661966228827d1a33df485f
Status affected
Version 0868bc5654c07628c421547f0821650a8c2cb8f3
Status affected
Version 78483c1c7741ffa72991d93d19a75bfdcc2cbf57
Status affected
Version 65d95462001c6ccd9bc9499c1fc9a90eca9de496
Status affected
Version ca767cf0152d18fc299cde85b18d1f46ac21e1ba
Status affected
Version 4.4.238
Version < 4.5
Status affected
Version 4.9.238
Version < 4.10
Status affected
Version 4.14.200
Version < 4.15
Status affected
Version 4.19.149
Version < 4.20
Status affected
Version 5.4.69
Version < 5.5
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 5.7
Status affected
Version 0
Version < 5.7
Status unaffected
Version <= 5.10.*
Version 5.10.258
Status unaffected
Version <= 5.15.*
Version 5.15.209
Status unaffected
Version <= 6.1.*
Version 6.1.175
Status unaffected
Version <= 6.6.*
Version 6.6.141
Status unaffected
Version <= 6.12.*
Version 6.12.91
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.082
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/e2f1260a056eb3215c13c48c5378f3e4112dc3af
https://git.kernel.org/stable/c/c65b137d351e21cbc5630e73ef0eb1e1d75f5b20
https://git.kernel.org/stable/c/728ab0c72e49ca27185067984cd565425eb69b2e
https://git.kernel.org/stable/c/3d3b2b01a3e73828e201ece96f863e7a3e0cdc6e
https://git.kernel.org/stable/c/a0226560540c16717efcceaf15c862cf115b01d3
https://git.kernel.org/stable/c/09141583bd97f4bbd7358e29fd138fe798467cdb
https://git.kernel.org/stable/c/c59159ce10e75b568cd0d4b29efcb0fb0ddecc94
https://git.kernel.org/stable/c/d6854daa67be623860f4e1873fd3d3c275aba4ed