CVE-2026-43436
ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an endpoint in the parsed interface in scarlett2_find_fc_interface(), as reported by fuzzer. For avoiding the NULL dereference, just add the sanity check of bNumEndpoints and skip the invalid interface.
| Vendor | linux |
| Product | linux |
| Ecosystems | |
| Industries | Technology |
| Published | May 8, 2026 |
| Last Updated | May 11, 2026 |
Stay Ahead of the Next One
Get instant alerts for linux linux
Be the first to know when new unknown vulnerabilities affecting linux linux are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Linux / Linux
6c0a2078134aba6a77291554035304df9e16b85c < b014cc945baba75816cda0cf8934be87c9ed4947 6c0a2078134aba6a77291554035304df9e16b85c < c5c5a6c53cf3b658f1d4512dfa61f3cd25bc34ba 6c0a2078134aba6a77291554035304df9e16b85c < b267255c15d2a5b90c4e926146aa155e5161e264 6c0a2078134aba6a77291554035304df9e16b85c < 3d542cf3c4c854cdf5d58049771f68926b9eb2b9 6c0a2078134aba6a77291554035304df9e16b85c < 3d4f23885e4b90347c9a1d779af6e79a99b5172a 6c0a2078134aba6a77291554035304df9e16b85c < df1d8abf36ca3681c21a6809eaa9a1e01ef897a6
Linux / Linux
5.14
References
git.kernel.org: https://git.kernel.org/stable/c/b014cc945baba75816cda0cf8934be87c9ed4947 git.kernel.org: https://git.kernel.org/stable/c/c5c5a6c53cf3b658f1d4512dfa61f3cd25bc34ba git.kernel.org: https://git.kernel.org/stable/c/b267255c15d2a5b90c4e926146aa155e5161e264 git.kernel.org: https://git.kernel.org/stable/c/3d542cf3c4c854cdf5d58049771f68926b9eb2b9 git.kernel.org: https://git.kernel.org/stable/c/3d4f23885e4b90347c9a1d779af6e79a99b5172a git.kernel.org: https://git.kernel.org/stable/c/df1d8abf36ca3681c21a6809eaa9a1e01ef897a6