CVE-2026-45992

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path The previous fix for handling the error from setup_card() missed that an internal URB cdev->ep1_in_urb might have been already submitted beforehand. In the normal case, this URB gets killed at the disconnection, but in the error path, we didn't do it, hence there can be a potential leak. Fix it in the error path for setup_card(), too.

Package Linux Kernel
Published 2026-05-27
Last modified 2026-06-01
Patch available
Yes

Affected versions

Linux kernel versions 7.1-rc1 and later are affected. Fixed in 7.1-rc2 and their respective stable series.

Affected from
≥ 7.1-rc1
Fixed in
✓ 7.1-rc2

References

The following references provide additional information about CVE-2026-45992 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

8 patch commits total View all on NVD

Frequently asked questions

  • What is CVE-2026-45992?

    CVE-2026-45992 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 7.1-rc1 onward and has been patched in 7.1-rc2. CVE-2026-45992 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

  • Is there a patch available for CVE-2026-45992?

    Yes — CVE-2026-45992 has been patched. Fixed versions include 7.1-rc2. If you are running Linux kernel 7.1-rc1 or later up to the fix versions, apply the relevant patch for your kernel branch.

  • Is CVE-2026-45992 actively exploited?

    No — CVE-2026-45992 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

Back to
All CVEs
View on
NVD / NIST