CVE-2026-45963

Source
https://cve.org/CVERecord?id=CVE-2026-45963
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45963.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-45963
Downstream
Published
2026-05-27T12:18:21.228Z
Modified
2026-07-08T08:09:40.264947176Z
Summary
ASoC: nau8821: Cancel delayed work on component remove
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: nau8821: Cancel delayed work on component remove

Attempting to unload the driver while a jack detection work is pending would likely crash the kernel when it is eventually scheduled for execution:

[ 1984.896308] BUG: unable to handle page fault for address: ffffffffc10c2a20 [...] [ 1984.896388] Hardware name: Valve Jupiter/Jupiter, BIOS F7A0131 01/30/2024 [ 1984.896396] Workqueue: events nau8821jdetwork [sndsocnau8821] [ 1984.896414] RIP: 0010:__mutexlock+0x9f/0x11d0 [...] [ 1984.896504] Call Trace: [ 1984.896511] <TASK> [ 1984.896524] ? sndsocdapmdisablepin+0x26/0x60 [sndsoccore] [ 1984.896572] ? sndsocdapmdisablepin+0x26/0x60 [sndsoccore] [ 1984.896596] sndsocdapmdisablepin+0x26/0x60 [sndsoccore] [ 1984.896622] nau8821jdetwork+0xeb/0x1e0 [sndsocnau8821] [ 1984.896636] processonework+0x211/0x590 [ 1984.896649] ? srsoreturnthunk+0x5/0x5f [ 1984.896670] workerthread+0x1cd/0x3a0

Cancel unscheduled jdet_work or wait for its execution to finish before the component driver gets removed.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45963.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
aab1ad11d69fa7f35cb88105614ea7911598e1d6
Fixed
3955767ec39dcc0358470ffe6535703e2b7fd815
Fixed
dbd3fd05cddfdeec1e49b0a66269881c09eebd17

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45963.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45963.json"