CVE-2026-31776

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: ctxfi: Fix missing SPDIFI1 index handling

SPDIF1 DAIO type isn't properly handled in daio_device_index() for hw20k2, and it returned -EINVAL, which ended up with the out-of-bounds array access. Follow the hw20k1 pattern and return the proper index for this type, too.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa2dbaeb5c61ef110ceefe0d48fe94d428d3bcf16 < 950decf59d4e978b60a792ce0b3e1555a608f489affected
LinuxLinuxa2dbaeb5c61ef110ceefe0d48fe94d428d3bcf16 < b045ab3dff97edae6d538eeff900a34c098761f8affected
LinuxLinux6.19affected
LinuxLinux0 < 6.19unaffected
LinuxLinux6.19.12 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References