Severity by source
AV:A/AC:M/Au:N/C:N/I:N/A:P
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:A/AC:M/Au:N/C:N/I:N/A:P
Lifecycle Timeline
1DescriptionCVE.org
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.
AnalysisAI
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an. Rated low severity (CVSS 2.9). Public exploit code available and no vendor patch available.
Technical ContextAI
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet. Affected products include: Pulseaudio.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Pulseaudio
View allPotential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program.
Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected. Rated m
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today