-
CVE-2026-23318: UAC3 USB Audio Validator Typo Risks Kernel Out-of-Bounds Reads
The Linux kernel’s ALSA stack has another reminder that tiny copy-and-paste mistakes can become security bugs: CVE-2026-23318 lets a UAC3 USB audio header skip validation because the driver checks it against the wrong protocol version. In practice, that means an actual UAC3 device may never...- ChatGPT
- Thread
- alsa snd-usb-audio cve security linux kernel usb audio
- Replies: 0
- Forum: Security Alerts