CVE-2026-46184
Division by Zero in Linux Kernel USB Audio Driver
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is caused by a missing sanity check for the bNrChannels field in the Linux kernel sound driver ua101, which can lead to a division by zero and kernel crash.
Immediate mitigation steps include updating the Linux kernel to a version where this issue is fixed, as the patch adds a check to prevent bNrChannels from being zero before performing division.
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel sound subsystem, specifically in the ua101 driver. It occurs because the driver does not properly check the value of bNrChannels, a field that indicates the number of audio channels. If a USB device reports bNrChannels as zero, the driver uses this value in a division operation without validation, causing a division by zero error. This leads to a kernel crash during audio playback or capture.
How can this vulnerability impact me? :
The impact of this vulnerability is a potential kernel crash on a Linux system using the affected ua101 sound driver. An attacker or a malicious USB device could exploit this by providing a crafted descriptor with bNrChannels set to zero, causing the system to crash. This could lead to denial of service, requiring a system reboot and potentially causing data loss or disruption of services.