CVE-2026-45963
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
27/05/2026
Last modified:
16/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ASoC: nau8821: Cancel delayed work on component remove<br />
<br />
Attempting to unload the driver while a jack detection work is pending<br />
would likely crash the kernel when it is eventually scheduled for<br />
execution:<br />
<br />
[ 1984.896308] BUG: unable to handle page fault for address: ffffffffc10c2a20<br />
[...]<br />
[ 1984.896388] Hardware name: Valve Jupiter/Jupiter, BIOS F7A0131 01/30/2024<br />
[ 1984.896396] Workqueue: events nau8821_jdet_work [snd_soc_nau8821]<br />
[ 1984.896414] RIP: 0010:__mutex_lock+0x9f/0x11d0<br />
[...]<br />
[ 1984.896504] Call Trace:<br />
[ 1984.896511] <br />
[ 1984.896524] ? snd_soc_dapm_disable_pin+0x26/0x60 [snd_soc_core]<br />
[ 1984.896572] ? snd_soc_dapm_disable_pin+0x26/0x60 [snd_soc_core]<br />
[ 1984.896596] snd_soc_dapm_disable_pin+0x26/0x60 [snd_soc_core]<br />
[ 1984.896622] nau8821_jdet_work+0xeb/0x1e0 [snd_soc_nau8821]<br />
[ 1984.896636] process_one_work+0x211/0x590<br />
[ 1984.896649] ? srso_return_thunk+0x5/0x5f<br />
[ 1984.896670] worker_thread+0x1cd/0x3a0<br />
<br />
Cancel unscheduled jdet_work or wait for its execution to finish before<br />
the component driver gets removed.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.19.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page



