CVE-2026-46262

Source
https://cve.org/CVERecord?id=CVE-2026-46262
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46262.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46262
Downstream
Published
2026-06-03T15:49:59.980Z
Modified
2026-07-08T08:05:17.593133954Z
Summary
ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput()

This reverts commit f51424872760 ("ASoC: fslxcvr: fix missing lock in fslxcvrmodeput()").

The original patch attempted to acquire the card->controlsrwsem lock in fslxcvrmodeput(). However, this function is called from the upper ALSA core function sndctlelemwrite(), which already holds the write lock on controlsrwsem for the whole put operation. So there is no need to simply hold the lock for fslxcvractivate_ctl() again.

Acquiring the read lock while holding the write lock in the same thread results in a deadlock and a hung task, as reported by Alexander Stein.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46262.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
612ffe1f4f0499b3011f16d06e354a76dae2e2d1
Fixed
ae5a70e3e87c28edbaf9939cfef1bcbd9615420f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
38354c82abe7bcbcd1182a06af89d3cc16d3e2c7
Fixed
30ffcad5edb56947dccc26f6816ab7a55b21a711
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
61e007657bf7740d54ca2aadce0fb5997839818e
Fixed
29b2fbe3498da3681a01b34e4a2259f8a1b89448
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
daaf4fe333e0d48b2037cd2270bf1ff8f70d5068
Fixed
b0f74f5d24fe3c73ef1369a811891198b54c1e8e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
cab928242853a832ffa7efda270ecfb9efeebb6e
Fixed
9a2a5da002775376498e8814df4a87cd629a3a0c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f514248727606b9087bc38a284ff686e0093abf1
Fixed
0886dc6326c3cc596799c4340d342898301cf52a
Fixed
9f16d96e1222391a6b996a1b676bec14fb91e3b2
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5.15.201
Fixed
5.15.202
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6.1.164
Fixed
6.1.165
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6.6.127
Fixed
6.6.128
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6.12.74
Fixed
6.12.75
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6.18.13
Fixed
6.18.14

Affected versions

v5.*
v5.15.201
v6.*
v6.1.164
v6.12.74
v6.18.13
v6.6.127

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46262.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.202
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.165
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.14
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46262.json"