Security fixes and advisories that landed overnight. 17 Feb 2026 13:00 GMT.
Top items
Ubuntu
USN-8044-1: alsa-lib vulnerability
Alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology file to crash alsa-lib, resulting in denial of service or possibly execute arbitrary code.
- Published: 16 Feb 2026 14:01 GMT
- CVEs: Not stated in the advisory excerpt
- Notes: local attacker using a specially crafted topology file
USN-8043-1: GnuTLS vulnerabilities
GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and subject alternative names, which could let a remote attacker cause resource consumption and denial of service (CVE-2025-14831). GnuTLS also incorrectly handled certain PKCS11 token labels, which a remote attacker could use to crash GnuTLS, causing denial of service or possibly execute arbitrary code (CVE-2025-9820).
- Published: 16 Feb 2026 13:53 GMT
- CVEs: CVE-2025-14831, CVE-2025-9820
- Notes: malicious certificates with many name constraints and subject alternative names