Linux Kernel Memory Management Issue in ALSA hda/conexant Driver
CVE-2026-53291
What is CVE-2026-53291?
A vulnerability has been identified in the ALSA hda/conexant driver of the Linux kernel that relates to improper error handling during jack detection. Specifically, in the cx_probe() function, the return value from snd_hda_jack_detect_enable_callback() is not adequately checked. If the function fails, it can return an error pointer due to memory allocation issues. The failure to validate this return value could result in the driver proceeding without registering the necessary jack detection callback. Consequently, this oversight can lead to a kernel crash when the driver later attempts to handle jack events or accesses uninitialized structures. To mitigate this risk, it's essential to check the return value using IS_ERR() and appropriately propagate the error via PTR_ERR() to the probe caller.
Affected Version(s)
Linux f13b8cb5a6920ad98b751d3134686f29810577d4 < 49c2c5924552e1d2f8b635dee663abebbb7cf63b
Linux 2cb659ef0ac744545499e7c37665b276d9e405da
Linux 24d748413cc4e1d97074bae1f335d32d30912f10