VDB

CVE-2026-43126

CVE-2026-43126 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios, add sanity checks of the card disconnection at each entry point of OSS mixer accesses. The rwsem is taken just before that check, hence the rest context should be covered by that properly.

EPSS 0.02% · 4.5th percentile

Risk Scores

EPSS Score
0.02%
4.5th percentile

Affected Products

VendorProductVersions
LinuxLinux*, 6.18.16, 7.0
linuxlinux_kernel0, 0, 0

Timeline

  • May 6, 2026 CVE Published
  • May 6, 2026 Security Advisory
  • May 8, 2026 CVE Updated
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score
  • May 25, 2026 EPSS Score
  • May 26, 2026 EPSS Score

References

…and 72 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›