CVE-2026-43436

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces<br /> <br /> The Scarlett2 mixer quirk in USB-audio driver may hit a NULL<br /> dereference when a malformed USB descriptor is passed, since it<br /> assumes the presence of an endpoint in the parsed interface in<br /> scarlett2_find_fc_interface(), as reported by fuzzer.<br /> <br /> For avoiding the NULL dereference, just add the sanity check of<br /> bNumEndpoints and skip the invalid interface.