UbuntuUpdates.org

Package "libasound2-data"

Name: libasound2-data

Description:

Configuration files and profiles for ALSA drivers

Latest version: 1.2.11-1ubuntu0.3
Release: noble (24.04)
Level: security
Repository: main
Head package: alsa-lib
Homepage: https://www.alsa-project.org/

Links


Download "libasound2-data"


Other versions of "libasound2-data" in Noble

Repository Area Version
base main 1.2.11-1build2
updates main 1.2.11-1ubuntu0.3

Changelog

Version: 1.2.11-1ubuntu0.3 2026-07-14 13:08:02 UTC

  alsa-lib (1.2.11-1ubuntu0.3) noble-security; urgency=medium

  * SECURITY UPDATE: double free via crafted ALSA configuration text
    - debian/patches/CVE-2026-56109.patch: conf: add missing return value check
      in parse_def() in src/conf.c.
    - CVE-2026-56109

 -- Marc Deslauriers <email address hidden> Fri, 10 Jul 2026 09:50:32 -0400

Source diff to previous version
CVE-2026-56109 The Advanced Linux Sound Architecture (ALSA) library before 1.2.16.1 contains a double-free vulnerability in parse_def() in src/conf.c that allows at

Version: 1.2.11-1ubuntu0.2 2026-02-16 16:07:56 UTC

  alsa-lib (1.2.11-1ubuntu0.2) noble-security; urgency=medium

  * SECURITY UPDATE: heap overflow in topology mixer control decoder
    - debian/patches/CVE-2026-25068.patch: add boundary check for channel
      mixer count in src/topology/ctl.c.
    - CVE-2026-25068

 -- Marc Deslauriers <email address hidden> Fri, 30 Jan 2026 08:11:03 -0500

CVE-2026-25068 alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control dec



About   -   Send Feedback to @ubuntu_updates