Linux Kernel Vulnerability in ALSA PCM Affecting Wait Queue Management
CVE-2026-53242
What is CVE-2026-53242?
A vulnerability in the Linux kernel's ALSA PCM component involves improper management of wait queues in the snd_pcm_drain() function. This flaw occurs when init_waitqueue_entry does not disable the entry's previous and next pointers. Following this, a conditional call to remove_wait_queue may be bypassed when a stream is not part of the group due to a concurrent UNLINK operation. As a result, the wait entry remains associated with an outdated sleep queue, leading to corruption when a subsequent drain operation attempts to add the entry to another queue. This can cause the kernel to panic when dereferencing a NULL pointer, typically linked to the corruption in the wait queue structure. Mitigation includes replacing the problematic functions with safer alternatives, improving entry management and ensuring proper wake-up procedures.
Affected Version(s)
Linux 9baee36e8c5443411c4629afabafaff8a46a23fd
Linux fc71f888994569f87d5bee20b1ac6c9c1e3a7a79
Linux 629cf09464cf98670996ea5c191dc9743e6f3f00