CVE-2026-25068
Heap-Based Buffer Overflow in alsa-lib Topology Mixer Decoder
Publication date: 2026-01-29
Last updated on: 2026-02-06
Assigner: VulnCheck
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| alsa_project | alsa_lib | From 1.2.2 up to and including 1.2.15.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-129 | The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a heap-based buffer overflow in the ALSA library's topology mixer control decoder. The function `tplg_decode_control_mixer1()` reads the `num_channels` field from untrusted topology (.tplg) files without validating it against the fixed-size channel array limit. If a crafted topology file contains an excessive `num_channels` value, it can cause out-of-bounds heap writes, potentially leading to a crash or heap corruption. [1]
How can this vulnerability impact me?
The vulnerability can lead to heap corruption and application crashes when processing maliciously crafted topology files. This could potentially be exploited to cause denial of service or other unintended behavior in applications using the ALSA library for audio topology decoding. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves processing of crafted .tplg topology files by alsa-lib. Detection can be done by checking if your system uses vulnerable versions of alsa-lib (1.2.2 up to 1.2.15.2 prior to commit 5f7fe33). You can verify the alsa-lib version installed on your system using commands like `dpkg -l | grep alsa-lib` on Debian-based systems or `rpm -qa | grep alsa-lib` on RPM-based systems. Additionally, monitoring for crashes or abnormal behavior in applications that process .tplg files may indicate exploitation attempts. There are no specific network commands since this is a local file parsing vulnerability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update alsa-lib to a version that includes the fix from commit 5f7fe33 or later. This update adds boundary checks on the number of channels processed in the topology mixer, preventing heap corruption from maliciously crafted .tplg files. If an update is not immediately possible, avoid loading or processing untrusted or suspicious .tplg topology files to reduce risk. [1]
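The kind of boundary check described above, as an added example that is not alsa-lib's code or the fix commit: a decoder for a constructed, simplified record layout (not the real .tplg format) that validates a file-supplied channel count against the fixed array before anything is written. `MAX_CHAN`, the structs, `decode_mixer()` and the sample bytes are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_CHAN 8 /* assumed size of the fixed channel array (hypothetical name) */
struct chan { uint32_t reg, shift; };
struct mixer { uint32_t num_channels; struct chan channel[MAX_CHAN]; };
/* Constructed records in a simplified layout (NOT the real .tplg format):
 * u32 num_channels, then num_channels x { u32 reg, u32 shift }, little-endian. */
static const uint8_t SAMPLE_OK[] = { 2,0,0,0,  1,0,0,0, 0,0,0,0,  2,0,0,0, 4,0,0,0 };
static const uint8_t SAMPLE_BAD[] = { 64,0,0,0 }; /* count larger than MAX_CHAN */

static uint32_t rd32(const uint8_t *p)
{
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Decode one record into *out. Returns 0, or -EINVAL without touching *out. */
int decode_mixer(const uint8_t *buf, size_t len, struct mixer *out)
{
    uint32_t n, i;
    if (len < 4)
        return -EINVAL;
    n = rd32(buf);
    /* The count is file-controlled: bound it by the destination array
     * before it is used as a loop limit or index (the CWE-129 check). */
    if (n > MAX_CHAN)
        return -EINVAL;
    /* Bound it by the bytes actually present as well, to avoid over-reading. */
    if ((len - 4) / 8 < n)
        return -EINVAL;
    memset(out, 0, sizeof(*out));
    out->num_channels = n;
    for (i = 0; i < n; i++) {
        out->channel[i].reg = rd32(buf + 4 + 8 * i);
        out->channel[i].shift = rd32(buf + 8 + 8 * i);
    }
    return 0;
}

int main(void)
{
    struct mixer m;
    int ok = decode_mixer(SAMPLE_OK, sizeof(SAMPLE_OK), &m);
    int bad = decode_mixer(SAMPLE_BAD, sizeof(SAMPLE_BAD), &m);
    printf("valid record: %d, oversized count: %d\n", ok, bad);
    return 0;
}
```

Both checks happen before the first write, so a rejected record leaves the caller's structure unchanged.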