Astra Linux - уязвимость в alsa-lib

alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without validating it...

Unity Linux 20.1070e Security Update: alsa-lib (UTSA-2026-006158)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006158 advisory. alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The...

AZL-75773 CVE-2026-25068 affecting package alsa-lib 1.2.9-1

alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without validating it...

EUVD-2026-4970

alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without validating it...

ALSA-LIB: Input validation vulnerability

alsa-lib is an open-source library for ALSA Advanced Linux Sound Architecture in the user space. It is designed to simplify application programming and provide more advanced features. Versions of alsa-lib prior to 1.2.15.2 contained a vulnerability related to input validation errors. This...