alsa-lib: Malicious Files Can Crash System
OESA-2026-1582
Summary
A security update is available for alsa-lib, a library used by Linux systems. If an attacker sends a specially crafted file to a system using alsa-lib, it could cause the system to crash. Update to the latest version of alsa-lib to fix this issue.
What to do
- Update alsa-lib to version 1.2.3-2.oe2003sp4.
- Update alsa-lib to version 1.2.5.1-4.oe2203sp4.
- Update alsa-lib to version 1.2.10-4.oe2403sp3.
- Update alsa-lib to version 1.2.10-4.oe2403sp1.
- Update alsa-lib to version 1.2.10-4.oe2403sp2.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | alsa-lib | <= 1.2.3-2.oe2003sp4 | 1.2.3-2.oe2003sp4 |
| – | alsa-lib | <= 1.2.5.1-4.oe2203sp4 | 1.2.5.1-4.oe2203sp4 |
| – | alsa-lib | <= 1.2.10-4.oe2403sp3 | 1.2.10-4.oe2403sp3 |
| – | alsa-lib | <= 1.2.10-4.oe2403sp1 | 1.2.10-4.oe2403sp1 |
| – | alsa-lib | <= 1.2.10-4.oe2403sp2 | 1.2.10-4.oe2403sp2 |
Original title
alsa-lib security update
Original description
The alsa-lib is a library to interface with ALSA in the Linux kernel
and virtual devices using a plugin system.
More detail: https://alsa.opensrc.org/Alsa-lib
Security Fix(es):
alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplg_decode_control_mixer1() function reads the num_channels field from untrusted .tplg data and uses it as a loop bound without validating it against the fixed-size channel array (SND_TPLG_MAX_CHAN). A crafted topology file with an excessive num_channels value can cause out-of-bounds heap writes, leading to a crash. (CVE-2026-25068)
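The missing check described above, as an added C example (not alsa-lib's code and not the upstream fix): a simplified decoder that rejects a count larger than the fixed array before using it as a loop bound. The struct layout, the function names and the value 8 for MAX_CHAN are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_CHAN 8 /* stands in for SND_TPLG_MAX_CHAN; value assumed here */

/* Hypothetical, simplified record: not alsa-lib's real .tplg layout. */
struct channel { uint32_t reg, shift, id; };
struct mixer {
    uint32_t num_channels;            /* count field read from the file */
    struct channel channel[MAX_CHAN]; /* fixed-size array it indexes */
};

/* Decode one record from an untrusted buffer; 0 on success, -EINVAL if malformed. */
int decode_mixer(const uint8_t *buf, size_t len, struct mixer *out)
{
    struct mixer in;

    if (len < sizeof(in))             /* truncated record */
        return -EINVAL;
    memcpy(&in, buf, sizeof(in));     /* copy out: buf may be unaligned */

    /* Bound the count by the array capacity before using it as a loop limit. */
    if (in.num_channels > MAX_CHAN)
        return -EINVAL;

    memset(out, 0, sizeof(*out));
    out->num_channels = in.num_channels;
    for (uint32_t i = 0; i < in.num_channels; i++)
        out->channel[i] = in.channel[i];
    return 0;
}

/* Constructed sample input: a zeroed record carrying the given count. */
int decode_sample(uint32_t count)
{
    struct mixer rec = {0}, out;
    uint8_t buf[sizeof(rec)];

    rec.num_channels = count;
    memcpy(buf, &rec, sizeof(rec));
    return decode_mixer(buf, sizeof(buf), &out);
}

int main(void)
{
    printf("count 2 -> %d, count 9 -> %d\n", decode_sample(2), decode_sample(9));
    return 0;
}
```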
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-25068 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026