CVE-2026-23078
Published: Feb 4, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

ALSA: scarlett2: Fix buffer overflow in config retrieval

The scarlett2_usb_get_config() function has a logic error in the endianness conversion code that can cause buffer overflows when count > 1.

The code checks `if (size == 2)` where `size` is the total buffer size in bytes, then loops `count` times treating each element as u16 (2 bytes). This causes the loop to access `count * 2` bytes when the buffer only has `size` bytes allocated.

Fix by checking the element size (config_item->size) instead of the total buffer size. This ensures the endianness conversion matches the actual element type.
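The logic error described above can be reproduced safely in user space. The following is an added illustration, not the kernel's code: `run()`, `swap16()` and `ARENA` are hypothetical names, element sizes are assumed to be given in bytes, and the byte swap stands in for the endianness conversion as a big-endian host would perform it. The bytes of the arena past the logical buffer act as canaries, so the function reports how many out-of-bounds bytes each variant of the check modifies.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARENA 16 /* backing store; bytes past the logical buffer are canaries */

/* Swap one 16-bit element in place (stand-in for the endianness conversion). */
static void swap16(uint8_t *p) { uint8_t t = p[0]; p[0] = p[1]; p[1] = t; }

/*
 * Model of the conversion step. fixed == 0 tests the total buffer size,
 * fixed == 1 tests the element size. Returns the number of bytes modified
 * beyond the `size` bytes that belong to the buffer, or -1 if the request
 * does not fit in the model's arena.
 */
static int run(int fixed, size_t elem_size, size_t count)
{
    uint8_t arena[ARENA], ref[ARENA];
    size_t size = elem_size * count; /* total bytes retrieved into buf */
    size_t i;
    int damaged = 0;

    if (size > ARENA || 2 * count > ARENA)
        return -1; /* keep the model itself in bounds */

    for (i = 0; i < ARENA; i++)
        arena[i] = ref[i] = (uint8_t)(0xA0 + i); /* distinct canary bytes */

    /* The condition under discussion: total size versus element size. */
    if (fixed ? (elem_size == 2) : (size == 2))
        for (i = 0; i < count; i++)
            swap16(arena + 2 * i); /* touches count * 2 bytes */

    for (i = size; i < ARENA; i++)
        damaged += (arena[i] != ref[i]);
    return damaged;
}

int main(void)
{
    /* Two 1-byte elements: total size is 2, so the old check matches. */
    printf("size check,    2 x 1 byte: %d bytes past buffer\n", run(0, 1, 2));
    printf("element check, 2 x 1 byte: %d bytes past buffer\n", run(1, 1, 2));
    printf("element check, 4 x 2 byte: %d bytes past buffer\n", run(1, 2, 4));
    return 0;
}
```
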
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected ac34df733d2dfe3b553897a1e9e1a44414f09834 - < d5e80d1f97ae55bcea1426f551e4419245b41b9c; affected ac34df733d2dfe3b553897a1e9e1a44414f09834 - < 51049f6e3f05d70660e2458ad3bb302a3721b751; affected ac34df733d2dfe3b553897a1e9e1a44414f09834 - < 91a756d22f0482eac5bedb113c8922f90b254449; affected ac34df733d2dfe3b553897a1e9e1a44414f09834 - < 27049f50be9f5ae3a62d272128ce0b381cb26a24; affected ac34df733d2dfe3b553897a1e9e1a44414f09834 - < 31a3eba5c265a763260976674a22851e83128f6d; +1 more versions |
| Linux | Linux | affected 5.14; unaffected 0 - < 5.14; unaffected 5.15.199 - <= 5.15.*; unaffected 6.1.162 - <= 6.1.*; unaffected 6.6.122 - <= 6.6.*; +3 more versions |