Linux Kernel sound driver ua101 divisionbyzero CVE-2026-46184
CVE-2026-46184 Published on May 28, 2026
sound: ua101: fix division by zero at probe
In the Linux kernel, the following vulnerability has been resolved:
sound: ua101: fix division by zero at probe
Add a missing sanity check for bNrChannels in detect_usb_format()
to prevent a division by zero in playback_urb_complete() and
capture_urb_complete().
USB core does not validate class-specific descriptor fields such
as bNrChannels, so drivers must verify them before use. If a
device provides bNrChannels = 0, frame_bytes becomes zero and is
later used as a divisor in the URB completion handlers, leading
to a kernel crash.
Products Associated with CVE-2026-46184
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 63978ab3e3e963db28093b53bb4598f2702e1ad7 and below 6162e8212e88c39492d981b248b5e37002486c66 is affected.
- Version 63978ab3e3e963db28093b53bb4598f2702e1ad7 and below 593dd7e6c890d8e4ca21b3e2f796b7cb8e8da983 is affected.
- Version 63978ab3e3e963db28093b53bb4598f2702e1ad7 and below 0ff2b713f406e9ecadb406014d74e7a020ac12b1 is affected.
- Version 63978ab3e3e963db28093b53bb4598f2702e1ad7 and below f1862dbf09080254c52175a448290c784dd7d3de is affected.
- Version 63978ab3e3e963db28093b53bb4598f2702e1ad7 and below d1f73f169c1014463b5060e3f60813e13ddc7b87 is affected.
- Version 2.6.34 is affected.
- Before 2.6.34 is unaffected.
- Version 6.6.140, <= 6.6.* is unaffected.
- Version 6.12.88, <= 6.12.* is unaffected.
- Version 6.18.30, <= 6.18.* is unaffected.
- Version 7.0.7, <= 7.0.* is unaffected.
- Version 7.1-rc2, <= * is unaffected.