What is GHSA-cvxr-f657-mx22?

GHSA-cvxr-f657-mx22 is a security advisory published by GitHub Security Advisories with unknown severity. In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to...

Which CVE IDs does GHSA-cvxr-f657-mx22 cover?

GHSA-cvxr-f657-mx22 covers the following CVE IDs: CVE-2026-46049. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-cvxr-f657-mx22unknown

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to...

Vendor

GitHub Security Advisories

Published

May 27, 2026

Last Modified

May 27, 2026

🔗 CVE IDs covered (1)

CVE-2026-46049 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: ctxfi: Add fallback to default RSR for S/PDIF

spdif_passthru_playback_get_resources() uses atc->pll_rate as the RSR for the MSR calculation loop. However, pll_rate is only updated in atc_pll_init() and not in hw_pll_init(), so it remains 0 after the card init.

When spdif_passthru_playback_setup() skips atc_pll_init() for 32000 Hz, (rsr * desc.msr) always becomes 0, causing the loop to spin indefinitely.

Add fallback to use atc->rsr when atc->pll_rate is 0. This reflects the hardware state, since hw_card_init() already configures the PLL to the default RSR.

🔗 References (7)

https://nvd.nist.gov/vuln/detail/CVE-2026-46049
https://git.kernel.org/stable/c/09496158f6ebba8830593f8972035c02f97124c1
https://git.kernel.org/stable/c/25ded535ee261161bcf19dafd525c542e606559d
https://git.kernel.org/stable/c/30f9494c6f2b53a78822cfb653ffbb1d092d44c8
https://git.kernel.org/stable/c/7d61662197ecdc458e33e475b6ada7f6da61d364
https://git.kernel.org/stable/c/95b1ee8442cabbde83b2848e7c6100df90f3a00d
https://github.com/advisories/GHSA-cvxr-f657-mx22