Your submission was sent successfully! Close

CVE-2019-7314

Published: 04 February 2019

liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.

From the Ubuntu security team

It was discovered that liveMedia incorrectly handled certain RTSP streamings. An attacker could possiby use this issue to cause a denial of service or other unspecified impact.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
liblivemedia
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.10 (Impish Indri) Does not exist

Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(2018.11.26-1.1)
Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 ESM (Xenial Xerus) Ignored
(end of standard support, was needed)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was needed)