CVE-2026-31620

UNKNOWN 0.0

ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 A malicious USB device with the TASCAM US-144MKII device id can have a configuration containing bInterfaceNumber=1 but no interface 0. USB configuration descriptors are not required to assign interface numbers sequentially, so usb_ifnum_to_if(dev, 0) returns will NULL, which will then be dereferenced directly. Fix this up by checking the return value properly.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 24, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 09b145c1f1331c40dc955c0024d636f25417cddb 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < fbaf29ce00e7bce683f3faf4f2b326bd0a9e6602 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < d04dd67ab10dc978c6c843c6bd6a2a66a9444f51

Linux / Linux

All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/09b145c1f1331c40dc955c0024d636f25417cddb git.kernel.org: https://git.kernel.org/stable/c/fbaf29ce00e7bce683f3faf4f2b326bd0a9e6602 git.kernel.org: https://git.kernel.org/stable/c/d04dd67ab10dc978c6c843c6bd6a2a66a9444f51