There is no default software on any distribution (that I've ever heard of) that executes code based on the content of incoming audio streams.
Irrelevant.
Image displaying software isn't supposed to execute arbitrary code based on the content of a JPEG file, but
it still happens sometimes.
That you aren't even acknowledging the existence of an
entire category of vulnerabilities does not inspire confidence.
Do we really know sound is safe? Has anyone ever tried to crash the Linux sound drivers via malicious sounds sent to the line in port? Maybe the only reason we don't think a vulnerability exists is because until now nobody has ever had a reason to look for one. Even if the sound drivers and ALSA libs are safe, there's still the matter of hardening the decoding software.
If even a task as old and well-understood as transforming a JPEG image into a bitmap can result in arbitrary code execution you can't just assume that sound is safe without at least some kind of testing.