Volerion logoVolerion
Volerion logoVolerion

Linux Kernel SPDIF1 Enumeration Vulnerability in ALSA Context-FI Driver

Vulnerability

A vulnerability in the Linux kernel's ALSA Context-FI driver can lead to a kernel crash on the hw20k2 model. This issue arises from a recent refactoring of the xfi driver, which altered how digital audio interface (DAI) resources are assigned. The change inadvertently caused the driver to enumerate an SPDIF1 entry that is only relevant for the hw20k1 CTSB073X model, leading to a crash on hw20k2. The problem has been acknowledged and worked around in a previous commit, but this patch aims to properly address the root cause by excluding the incorrect SPDIF1 type from the enumeration process.

Impact

The vulnerability causes a kernel crash on the hw20k2 model, disrupting system operation and potentially leading to a denial of service.

Remediation

Users can apply the patch included in the Linux kernel stable commit 75dc1980cf48826287e43dc7a49e310c6691f97e to address this vulnerability.

Added: May 1, 2026, 4:15 PM
Updated: May 1, 2026, 4:15 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
3.5
remediation
7.7
relevance
7.2
threat
3.2
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.