CVE-2026-53291

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda/conexant: Fix missing error check for jack detection

In cx_probe(), the return value of snd_hda_jack_detect_enable_callback() is ignored. This function returns a pointer, and if it fails (e.g., due to memory allocation failure), it returns an error pointer which must be checked using IS_ERR().

If the registration fails, the driver continues to probe, but the jack detection callback will not be registered. This can lead to a kernel crash later when the driver attempts to handle jack events or accesses the uninitialized structure.

Check the return value using IS_ERR() and propagate the error via PTR_ERR() to the probe caller.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf13b8cb5a6920ad98b751d3134686f29810577d4 < 49c2c5924552e1d2f8b635dee663abebbb7cf63baffected
LinuxLinux2cb659ef0ac744545499e7c37665b276d9e405da < a2a33e87a2ffce3046c574d24eec4390c27c9365affected
LinuxLinux24d748413cc4e1d97074bae1f335d32d30912f10 < d68f753d89f4ef6e410d7e8b7e8ab2fdde921b80affected
LinuxLinux7aeb259086487417f0fecf66e325bee133e8813a < dd110cc00cf854a8ecd8d003127a4178c28574eaaffected
LinuxLinux7aeb259086487417f0fecf66e325bee133e8813a < f837c7b85143a7c54140ff41ad5c076b73cd9933affected
LinuxLinux7aeb259086487417f0fecf66e325bee133e8813a < 1da5c73f3793b224696617a2a21def7500ba18d6affected
LinuxLinux7aeb259086487417f0fecf66e325bee133e8813a < b0e2333a231107adedd38c6fcfe1adc6162716fcaffected
LinuxLinux4a28302b2c681e3cf85e3b41231fff363c4c6a0eaffected
LinuxLinux5.15.149 < 5.15.209affected
LinuxLinux6.1.77 < 6.1.175affected
LinuxLinux6.6.16 < 6.6.141affected
LinuxLinux6.7.4 < 6.8affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux5.15.209 <= 5.15.*unaffected
LinuxLinux6.1.175 <= 6.1.*unaffected
LinuxLinux6.6.141 <= 6.6.*unaffected
LinuxLinux6.12.91 <= 6.12.*unaffected
LinuxLinux6.18.33 <= 6.18.*unaffected
LinuxLinux7.0.10 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References