{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-46157", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.102Z", "datePublished": "2026-05-28T09:36:12.895Z", "dateUpdated": "2026-05-30T10:48:30.191Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-30T10:48:30.191Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger\n\nCurrently the runtime.oss.trigger field may be accessed concurrently\nwithout protection, which may lead to the data race. And, in this\ncase, it may lead to more severe problem because it's a bit field; as\nwriting the data, it may overwrite other bit fields as well, which\nconfuses the operation completely, as spotted by fuzzing.\n\nFix it by covering runtime.oss.trigger bit fled also with the existing\nparams_lock mutex in both snd_pcm_oss_get_trigger() and\nsnd_pcm_oss_poll()."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/core/oss/pcm_oss.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "49f9d048845be874df7997e4b1ce662de450c4b6", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ac3e9b55b7da6f0be51720bd330a0edc1a8b61f1", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "6b01c1bc9a4748ab37548a700a8aaff910e298e6", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "901ac0ff15edf9503162e2cf6579bd11a30f1ed4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/core/oss/pcm_oss.c"], "versions": [{"version": "2.6.12", "status": "affected"}, {"version": "0", "lessThan": "2.6.12", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.88", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.30", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.7", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "6.12.88"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "6.18.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "7.0.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "7.1-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/49f9d048845be874df7997e4b1ce662de450c4b6"}, {"url": "https://git.kernel.org/stable/c/ac3e9b55b7da6f0be51720bd330a0edc1a8b61f1"}, {"url": "https://git.kernel.org/stable/c/6b01c1bc9a4748ab37548a700a8aaff910e298e6"}, {"url": "https://git.kernel.org/stable/c/901ac0ff15edf9503162e2cf6579bd11a30f1ed4"}], "title": "ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger\n\nCurrently the runtime.oss.trigger field may be accessed concurrently\nwithout protection, which may lead to the data race. And, in this\ncase, it may lead to more severe problem because it's a bit field; as\nwriting the data, it may overwrite other bit fields as well, which\nconfuses the operation completely, as spotted by fuzzing.\n\nFix it by covering runtime.oss.trigger bit fled also with the existing\nparams_lock mutex in both snd_pcm_oss_get_trigger() and\nsnd_pcm_oss_poll()."}], "id": "CVE-2026-46157", "lastModified": "2026-05-30T11:17:24.310", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "type": "Secondary"}]}, "published": "2026-05-28T10:16:31.363", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/49f9d048845be874df7997e4b1ce662de450c4b6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6b01c1bc9a4748ab37548a700a8aaff910e298e6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/901ac0ff15edf9503162e2cf6579bd11a30f1ed4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ac3e9b55b7da6f0be51720bd330a0edc1a8b61f1"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger", "id": "2482522", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482522"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-820", "details": ["A flaw was found in the Linux kernel's Advanced Linux Sound Architecture (ALSA) Pulse Code Modulation (PCM) Open Sound System (OSS) subsystem. A data race vulnerability exists due to concurrent access to the `runtime.oss.trigger` field without proper protection. This unprotected access can lead to the overwriting of other bit fields, which may confuse the system's operation and potentially lead to integrity issues or denial of service."], "name": "CVE-2026-46157", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-05-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-46157\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-46157\nhttps://lore.kernel.org/linux-cve-announce/2026052823-CVE-2026-46157-e578@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,49f9d048845be874df7997e4b1ce662de450c4b6)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,ac3e9b55b7da6f0be51720bd330a0edc1a8b61f1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,6b01c1bc9a4748ab37548a700a8aaff910e298e6)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,901ac0ff15edf9503162e2cf6579bd11a30f1ed4)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.12.88)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.18.30)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,7.0.7)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.88,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.30,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0.7,7.1.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.1-rc2,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-05-28T13:15:22.418371+00:00", "updated": "2026-05-29T06:00:19.254913+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}