CVE-2026-46018

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the ALSA USB audio component where the parse uac2 sample rate range() function fails to fully terminate parsing when the number of enumerated rates reaches MAX NR RATES. While the function caps the rates, it only exits the current rate loop. A malformed UAC2 RANGE response containing additional triplets causes the system to continue parsing the remaining triplets and repeatedly print "invalid uac2 rates" while the probe still holds the register mutex.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.