Pulseaudio
Monthly
Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected. Rated medium severity (CVSS 4.0).
Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an. Rated low severity (CVSS 2.9). Public exploit code available and no vendor patch available.
Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected. Rated medium severity (CVSS 4.0).
Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an. Rated low severity (CVSS 2.9). Public exploit code available and no vendor patch available.