VYPR

Alsa Lib

by ALSA

Source repositories

CVEs (3)

  • CVE-2026-25068MedJan 29, 2026
    risk 0.30cvss epss 0.00

    alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplg_decode_control_mixer1() function reads the num_channels field from untrusted .tplg data and uses it as a loop bound…

  • CVE-2026-56109Jun 22, 2026
    risk 0.00cvss epss 0.00

    The Advanced Linux Sound Architecture (ALSA) library before 1.2.16.1 contains a double-free vulnerability in parse_def() in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array…

  • CVE-2005-0087Apr 27, 2005
    risk 0.00cvss epss 0.00

    The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library.