Copyright © 2012 Red Hat, Inc. All rights reserved. Low 2026-06-03T00:00:00 kernel: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put() 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CWE-833

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put() This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()"). The original patch attempted to acquire the card->controls_rwsem lock in fsl_xcvr_mode_put(). However, this function is called from the upper ALSA core function snd_ctl_elem_write(), which already holds the write lock on controls_rwsem for the whole put operation. So there is no need to simply hold the lock for fsl_xcvr_activate_ctl() again. Acquiring the read lock while holding the write lock in the same thread results in a deadlock and a hung task, as reported by Alexander Stein.

A flaw was found in the Linux kernel's audio subsystem, specifically in the fsl_xcvr module. This vulnerability allows a local user to trigger a deadlock condition within the system. By attempting to acquire a read lock while already holding a write lock in the same process, the system can become unresponsive. This issue ultimately leads to a Denial of Service (DoS), where the system hangs and becomes unusable.

Red Hat Enterprise Linux 10 Fix deferred kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Not affected kernel Red Hat Enterprise Linux 8 Not affected kernel-rt Red Hat Enterprise Linux 9 Fix deferred kernel Red Hat Enterprise Linux 9 Fix deferred kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-46262 https://nvd.nist.gov/vuln/detail/CVE-2026-46262 https://lore.kernel.org/linux-cve-announce/2026060337-CVE-2026-46262-cdb5@gregkh/T