CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Ubuntu•added 2026/06/09 9:23 a.m.•8 views

USN-8044-2: alsa-lib vulnerability

USN-8044-1 fixed a vulnerability in alsa-lib. This update provides the corresponding fix for alsa-lib on Ubuntu 20.04 LTS. Original advisory details: It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology fil...

Tenable Nessus•added 2026/06/06 12:0 a.m.•7 views

EulerOS Virtualization 2.13.1 : alsa-lib (EulerOS-SA-2026-2118)

According to the versions of the alsa-lib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topolog...

Tenable Nessus•added 2026/06/06 12:0 a.m.•7 views

EulerOS Virtualization 2.12.0 : alsa-lib (EulerOS-SA-2026-2093)

Tenable Nessus•added 2026/06/06 12:0 a.m.•6 views

EulerOS Virtualization 2.12.1 : alsa-lib (EulerOS-SA-2026-2068)

4.6CVSS5.6AI score0.00191EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in alsa-lib

Versions of alsa-lib from 1.2.2 up to and including 1.2.15.2, prior to the release of 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without...

4.6CVSS7.2AI score0.00191EPSS

Exploits0References1

RedHat Linux•added 2026/04/10 6:11 p.m.•4 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: alsa-lib: alsa-lib-1.2.15.3-3.1.hum1 aarch64, x8664 alsa-lib-devel-1.2.15.3-3.1.hum1 aarch64, x8664 alsa-topology-1.2.15.3-3.1.hum1 noarch alsa-ucm-1.2.15.3-3.1.hum1 noarch...

OSV•added 2026/03/15 5:55 a.m.•4 views

Exploits0References3

OESA-2026-1582 alsa-lib security update

The alsa-lib is a library to interface with ALSA in the Linux kernel and virtual devices using a plugin system. More detail: https://alsa.opensrc.org/Alsa-lib Security Fixes: alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the...

4.6CVSS7.3AI score0.00191EPSS

Tenable Nessus•added 2026/03/15 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: alsa-lib (UTSA-2026-006158)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006158 advisory. alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The...

CBLMariner•added 2026/03/09 2:32 p.m.•4 views

Exploits0References4

CVE-2026-25068 affecting package alsa-lib for versions less than 1.2.6.1-3

CVE-2026-25068 affecting package alsa-lib for versions less than 1.2.6.1-3. A patched version of the package is available...

Tenable Nessus•added 2026/02/19 12:0 a.m.•5 views

Amazon Linux 2023 : alsa-lib, alsa-lib-devel, alsa-topology (ALAS2023-2026-1426)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1426 advisory. alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the...

Amazon•added 2026/02/18 12:0 a.m.•5 views

Exploits0References4

Medium: alsa-lib

Issue Overview: alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without...

4.6CVSS5.7AI score0.00191EPSS

Tenable Nessus•added 2026/02/17 12:0 a.m.•4 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : alsa-lib vulnerability (USN-8044-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8044-1 advisory. It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topolog...

4.6CVSS6AI score0.00191EPSS

OpenVAS•added 2026/02/17 12:0 a.m.•2 views

Ubuntu: Security Advisory (USN-8044-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OSV•added 2026/02/16 2:1 p.m.•4 views

USN-8044-1 alsa-lib vulnerability

It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology file to cause alsa-lib to crash, resulting in a denial of service, or possibly execute arbitrary code...

4.6CVSS6AI score0.00191EPSS

Ubuntu•added 2026/02/16 2:1 p.m.•4 views

USN-8044-1: alsa-lib vulnerability

4.6CVSS5.9AI score0.00191EPSS

OpenVAS•added 2026/02/06 12:0 a.m.•3 views

Debian: Security Advisory (DLA-4469-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS5.4AI score0.00191EPSS

Debian•added 2026/02/05 11:0 p.m.•7 views

[SECURITY] [DLA 4469-1] alsa-lib security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4469-1 [email protected] https://www.debian.org/lts/security/ Paride Legovini February 05, 2026 https://wiki.debian.org/LTS -...

4.6CVSS5.7AI score0.00191EPSS

OSV•added 2026/02/05 12:0 a.m.•3 views

DLA-4469-1 alsa-lib - security update

Bulletin has no description...

4.6CVSS4.8AI score0.00191EPSS