* [Security] Segmentation Fault DoS in snd_config_load_string via corrupted linked list pointer
[not found] <18bf14cee505bb00-webhooks-bot@alsa-project.org>
@ 2026-07-04 12:07 ` GitHub issues - opened
0 siblings, 0 replies; only message in thread
From: GitHub issues - opened @ 2026-07-04 12:07 UTC (permalink / raw)
To: alsa-devel
alsa-project/alsa-lib issue #514 was opened from eglonnnn:
### Description
A segmentation fault vulnerability in alsa-lib v1.2.15.3. When `snd_config_load_string()` parses a crafted ALSA configuration text, the parser produces an inconsistent linked-list state during array/composite node handling, causing `list_del()` to access an uninitialized pointer and trigger a SEGV.
### Impact
- Denial-of-service via process crash
- Any application processing untrusted ALSA configuration text is affected
### Reproduction
All materials are available in my research repository:
https://github.com/eglonnnn/opensource-fuzz-vulnerability-research/tree/main/SEGV%20in%20alsa-lib%20snd_config_load_string
Issue URL : https://github.com/alsa-project/alsa-lib/issues/514
Repository URL: https://github.com/alsa-project/alsa-lib
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-07-04 12:08 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <18bf14cee505bb00-webhooks-bot@alsa-project.org>
2026-07-04 12:07 ` [Security] Segmentation Fault DoS in snd_config_load_string via corrupted linked list pointer GitHub issues - opened
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.