CVE-2007-1804

Name of the Vulnerable Software and Affected Versions: PulseAudio version 0.9.5

Description: The issue allows remote attackers to cause a denial of service, resulting in a daemon crash. This can be achieved through several methods, including sending a PA PSTREAM DESCRIPTOR LENGTH value of FRAME SIZE MAX ALLOW or 0 on TCP port 9875, or sending an empty packet on UDP port 9875. Additionally, remote authenticated users can cause a denial of service by sending a crafted packet on TCP port 9875 that triggers various assertion failures.

Recommendations: For PulseAudio version 0.9.5, consider disabling access to TCP port 9875 and UDP port 9875 as a temporary workaround to minimize the risk of exploitation. Restrict access to the do read and pa memblock new functions, as well as the pa sdp parse function, until a patch is available. Avoid using the PA PSTREAM DESCRIPTOR LENGTH variable in the affected API endpoint until the issue is resolved.