CVE-2026-53291

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cx_probe(), the return value of snd_hda_jack_detect_enable_callback() is ignored. This function returns a pointer, and if it fails (e.g., due to memory allocation failure), it returns an error pointer which must be checked using IS_ERR(). If the registration fails, the driver continues to probe, but the jack detection callback will not be registered. This can lead to a kernel crash later when the driver attempts to handle jack events or accesses the uninitialized structure. Check the return value using IS_ERR() and propagate the error via PTR_ERR() to the probe caller.

References

https://git.kernel.org/stable/c/f837c7b85143a7c54140ff41ad5c076b73cd9933

https://git.kernel.org/stable/c/dd110cc00cf854a8ecd8d003127a4178c28574ea

https://git.kernel.org/stable/c/d68f753d89f4ef6e410d7e8b7e8ab2fdde921b80

https://git.kernel.org/stable/c/b0e2333a231107adedd38c6fcfe1adc6162716fc

https://git.kernel.org/stable/c/a2a33e87a2ffce3046c574d24eec4390c27c9365

https://git.kernel.org/stable/c/49c2c5924552e1d2f8b635dee663abebbb7cf63b

https://git.kernel.org/stable/c/1da5c73f3793b224696617a2a21def7500ba18d6

Details

Source: Mitre, NVD

Published: 2026-06-26

Updated: 2026-06-26

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00172