CVE-2026-56109

Source
https://cve.org/CVERecord?id=CVE-2026-56109
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-56109.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-56109
Downstream
Related
Published
2026-06-22T15:58:42.404Z
Modified
2026-07-08T08:13:46.234406707Z
Severity
  • 7.0 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
ALSA Library < 1.2.16.1 Double-Free via parse_def() in conf.c
Details

The Advanced Linux Sound Architecture (ALSA) library before 1.2.16.1 contains a double-free vulnerability in parsedef() in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef() fails to check return values before continuing, causing sndconfigdelete() to be called twice on the same already-freed node, resulting in a NULL-pointer write or invalid memory read.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/56xxx/CVE-2026-56109.json",
    "cna_assigner": "VulnCheck",
    "cwe_ids": [
        "CWE-415"
    ]
}
References

Affected packages

Git / github.com/alsa-project/alsa-lib

Affected ranges

Type
GIT
Repo
https://github.com/alsa-project/alsa-lib
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "source": [
        "DESCRIPTION",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.2.16.1"
        }
    ]
}

Affected versions

v1.*
v1.0.10
v1.0.10rc1
v1.0.10rc2
v1.0.10rc3
v1.0.11
v1.0.11rc1
v1.0.11rc2
v1.0.11rc3
v1.0.11rc4
v1.0.11rc5
v1.0.12
v1.0.12rc1
v1.0.12rc2
v1.0.13
v1.0.13rc1
v1.0.13rc2
v1.0.13rc3
v1.0.14
v1.0.14a
v1.0.14rc1
v1.0.14rc2
v1.0.14rc3
v1.0.14rc4
v1.0.15
v1.0.15rc1
v1.0.15rc2
v1.0.15rc3
v1.0.16
v1.0.16rc1
v1.0.16rc2
v1.0.17
v1.0.17a
v1.0.17rc1
v1.0.17rc2
v1.0.18
v1.0.18rc3
v1.0.19
v1.0.20
v1.0.21
v1.0.21a
v1.0.22
v1.0.23
v1.0.24
v1.0.24.1
v1.0.25
v1.0.26
v1.0.27
v1.0.27.1
v1.0.27.2
v1.0.28
v1.0.29
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.0.9rc1
v1.0.9rc2
v1.0.9rc3
v1.0.9rc4
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.1.4.1
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.1.9
v1.2.1
v1.2.1.1
v1.2.1.2
v1.2.10
v1.2.11
v1.2.12
v1.2.13
v1.2.14
v1.2.15
v1.2.15.1
v1.2.15.2
v1.2.15.3
v1.2.16
v1.2.2
v1.2.3
v1.2.3.1
v1.2.3.2
v1.2.4
v1.2.5
v1.2.6
v1.2.6.1
v1.2.7
v1.2.7.1
v1.2.7.2
v1.2.8
v1.2.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-56109.json"