PT-2021-22504 · Live555+1 · Live555+1

Published

2021-08-12

Updated

2021-08-24

CVE-2021-39283

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Live555 versions through 1.08

Description The issue allows an assertion failure and application exit via multiple SETUP and PLAY commands. This is due to a problem in liveMedia/FramedSource.cpp.

Recommendations For versions through 1.08, consider restricting the handling of multiple SETUP and PLAY commands to prevent application exit. As a temporary workaround, consider disabling the vulnerable function in liveMedia/FramedSource.cpp until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

BDU:2025-03981

CVE-2021-39283

OPENSUSE-SU-2024:11023-1

Affected Products

Astra Linux

Live555

PT-2021-22504 · Live555+1 · Live555+1

CVE-2021-39283

Weakness Enumeration

Related Identifiers

Affected Products

References · 13