PT-2026-54818 · Linux · Linux Kernel
Published
2026-07-01
·
Updated
2026-07-02
·
CVE-2026-53350
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A NULL dereference occurs in the ASOC wm adsp component during the removal of firmware controls. The function
wm adsp control remove() attempts to clean up private data pointed to by the priv variable without verifying if the pointer is NULL. This situation arises when private data is not created, which happens if the control is a SYSTEM control or if the codec driver has a control add() callback that hides the control, preventing wm adsp control add() from being called. When cs dsp remove() destroys the control list, it triggers wm adsp control remove(), leading to the crash.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel