* [Security] Segmentation Fault DoS in snd_config_load_string via corrupted linked list pointer [not found] <18bf14cee505bb00-webhooks-bot@alsa-project.org> @ 2026-07-04 12:07 ` GitHub issues - opened 0 siblings, 0 replies; only message in thread From: GitHub issues - opened @ 2026-07-04 12:07 UTC (permalink / raw) To: alsa-devel alsa-project/alsa-lib issue #514 was opened from eglonnnn: ### Description A segmentation fault vulnerability in alsa-lib v1.2.15.3. When `snd_config_load_string()` parses a crafted ALSA configuration text, the parser produces an inconsistent linked-list state during array/composite node handling, causing `list_del()` to access an uninitialized pointer and trigger a SEGV. ### Impact - Denial-of-service via process crash - Any application processing untrusted ALSA configuration text is affected ### Reproduction All materials are available in my research repository: https://github.com/eglonnnn/opensource-fuzz-vulnerability-research/tree/main/SEGV%20in%20alsa-lib%20snd_config_load_string Issue URL : https://github.com/alsa-project/alsa-lib/issues/514 Repository URL: https://github.com/alsa-project/alsa-lib ^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-07-04 12:08 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <18bf14cee505bb00-webhooks-bot@alsa-project.org>
2026-07-04 12:07 ` [Security] Segmentation Fault DoS in snd_config_load_string via corrupted linked list pointer GitHub issues - opened
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.