Ubuntu Security Notices USN-8044-1 USN-8044-1: alsa-lib vulnerability Publication date 16 February 2026 Overview alsa-lib could be made to crash or run programs if it opened a specially crafted file. Releases 25.10 24.04 LTS 22.04 LTS Packages alsa-lib - shared library for ALSA applications Details It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology file to cause alsa-lib to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology file to cause alsa-lib to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions In general, a standard system update will make all the necessary changes. Learn more about how to get the fixes. The problem can be corrected by updating your system to the following package versions: Ubuntu Release Package Version 25.10 questing libasound2t64 – 1.2.14-1ubuntu1.1 24.04 LTS noble libasound2t64 – 1.2.11-1ubuntu0.2 22.04 LTS jammy libasound2 – 1.2.6.1-1ubuntu1.1 Reduce your security exposure Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines. Get Ubuntu Pro References CVE-2026-25068 CVE-2026-25068