Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Libsndfile Memory Leak Vulnerability in MP3 Encoder
OESA-2026-1604
Summary
Libsndfile's MP3 encoder has a bug that can cause the program to run out of memory. This can happen when processing certain types of audio files. Update to the latest version of Libsndfile to fix the issue.
What to do
- Update libsndfile to version 1.2.2-4.oe2403sp1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | libsndfile | <= 1.2.2-4.oe2403sp1 | 1.2.2-4.oe2403sp1 |
Original title
libsndfile security update
Original description
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface.
Security Fix(es):
Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.(CVE-2025-56226)
Security Fix(es):
Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.(CVE-2025-56226)
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-56226 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026