CVE-2026-46143
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk8th percentile - higher than 8% of all known CVEs
Summary
A vulnerability has been identified in the Linux kernel affecting the ASoC: qcom: q6apm-lpass-dai component. The issue allows multiple graph openings for the playback path, leading to memory leaks.
Risk Assessment
Memory leaks can result in system performance degradation and potential application crashes using this component. Organizations should be aware of the risks associated with improper memory management.
Recommendation
It is recommended to update the Linux kernel to the latest version to patch this vulnerability. Additionally, monitoring systems for abnormal memory-related behavior is advisable.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before opening.

