CVE-2026-46179

Source
https://cve.org/CVERecord?id=CVE-2026-46179
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46179.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46179
Downstream
Related
Published
2026-05-28T09:36:33.062Z
Modified
2026-07-15T01:49:17.111174687Z
Summary
ASoC: SOF: Don't allow pointer operations on unconfigured streams
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: SOF: Don't allow pointer operations on unconfigured streams

When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the number of container bytes. These values default to 0 and are only configured as part of setting the stream parameters so this allows a divide by zero to be configured. Validate that they are non zero, returning an error if not

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46179.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c1a731c71359407eae4fd0a5fd675ef25a582764
Fixed
76ff6bfc9a809571793f425ba99f6a759108dcf8
Fixed
327a64241f30c74b6f35537eb9e1fc6c3cbe060b
Fixed
98ed1383f597f8a45b6cb816bb20b96d46eeceda
Fixed
0f0c0c1397a42aacaacae828206ee1b921623952
Fixed
4f42dd01f5217465f23a763e27b3984e114d0972
Fixed
c5b6285aae050ff1c3ea824ca3d88ac4be1e69c8

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46179.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.1.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.140
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.88
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.30
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.7

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46179.json"