Skip to main content

Pulseaudio CVE-2014-3970

LOW
2014-06-11 cve@mitre.org
2.9
CVSS 2.0 · NVD

Severity by source

NVD PRIMARY
2.9 LOW
AV:A/AC:M/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:A/AC:M/Au:N/C:N/I:N/A:P
Attack Vector
Adjacent
Attack Complexity
M
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Jun 11, 2014 - 14:55 cve.org
LOW 2.9

DescriptionCVE.org

The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.

AnalysisAI

The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an. Rated low severity (CVSS 2.9). Public exploit code available and no vendor patch available.

Technical ContextAI

The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet. Affected products include: Pulseaudio.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2014-3970 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy