Linux Kernel up to 6.19.11 ALSA atc_get_resources daios[] infinite loop

| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.5 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.19.11. Affected by this vulnerability is the function atc_get_resources of the component ALSA. This manipulation of the argument daios[] causes infinite loop.
This vulnerability appears as CVE-2026-31775. There is no available exploit.
It is advisable to upgrade the affected component.
Details
A vulnerability classified as critical was found in Linux Kernel up to 6.19.11. Affected by this vulnerability is the function atc_get_resources of the component ALSA. The manipulation of the argument daios[] with an unknown input leads to a infinite loop vulnerability. The CWE definition for the vulnerability is CWE-835. The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. As an impact it is known to affect availability. The summary by CVE is:
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization The recent refactoring of xfi driver changed the assignment of atc->daios[] at atc_get_resources(); now it loops over all enum DAIOTYP entries while it looped formerly only a part of them. The problem is that the last entry, SPDIF1, is a special type that is used only for hw20k1 CTSB073X model (as a replacement of SPDIFIO), and there is no corresponding definition for hw20k2. Due to the lack of the info, it caused a kernel crash on hw20k2, which was already worked around by the commit b045ab3dff97 ("ALSA: ctxfi: Fix missing SPDIFI1 index handling"). This patch addresses the root cause of the regression above properly, simply by skipping the incorrect SPDIF1 type in the parser loop. For making the change clearer, the code is slightly arranged, too.
The advisory is shared at git.kernel.org. This vulnerability is known as CVE-2026-31775 since 03/09/2026. Technical details are known, but no exploit is available.
The vulnerability scanner Nessus provides a plugin with the ID 311722 (Linux Distros Unpatched Vulnerability : CVE-2026-31775), which helps to determine the existence of the flaw in a target environment.
Upgrading to version 6.19.12 eliminates this vulnerability. Applying the patch a79c4c42057818bd9de45d2627464b4f0e02196a/75dc1980cf48826287e43dc7a49e310c6691f97e is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
The vulnerability is also documented in the vulnerability database at Tenable (311722). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.kernel.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔒VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.7VulDB Meta Temp Score: 5.5
VulDB Base Score: 5.7
VulDB Temp Score: 5.5
VulDB Vector: 🔒
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Exploiting
Class: Infinite loopCWE: CWE-835 / CWE-404
CAPEC: 🔒
ATT&CK: 🔒
Physical: No
Local: No
Remote: Partially
Availability: 🔒
Status: Not defined
EPSS Score: 🔒
EPSS Percentile: 🔒
Price Prediction: 🔍
Current Price Estimation: 🔒
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 311722
Nessus Name: Linux Distros Unpatched Vulnerability : CVE-2026-31775
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔒
Upgrade: Kernel 6.19.12
Patch: a79c4c42057818bd9de45d2627464b4f0e02196a/75dc1980cf48826287e43dc7a49e310c6691f97e
Timeline
03/09/2026 CVE reserved05/01/2026 Advisory disclosed
05/01/2026 VulDB entry created
05/03/2026 VulDB entry last update
Sources
Vendor: kernel.orgAdvisory: git.kernel.org
Status: Confirmed
CVE: CVE-2026-31775 (🔒)
GCVE (CVE): GCVE-0-2026-31775
GCVE (VulDB): GCVE-100-360613
Entry
Created: 05/01/2026 16:55Updated: 05/03/2026 07:56
Changes: 05/01/2026 16:55 (60), 05/03/2026 07:56 (2)
Complete: 🔍
Cache ID: 216::103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.