PT-2023-13739 · Librtmp+1 · Librtmp+1

50U1W4Y

Published

2023-02-15

Updated

2025-03-19

CVE-2022-40016

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ireader media-server versions before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84

Description The issue is related to a Use After Free (UAF) vulnerability in the librtmp component of the ireader media-server, which allows attackers to cause a denial of service. This vulnerability can be exploited to disrupt the service, but no information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations To resolve the issue, update the ireader media-server to a version that includes the commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 or later. As a temporary workaround, consider restricting access to the librtmp component until a patch is available.

Exploit

Fix

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2022-40016

Affected Products

Ireader Media-Server

Librtmp

PT-2023-13739 · Librtmp+1 · Librtmp+1

CVE-2022-40016

Weakness Enumeration

Related Identifiers

Affected Products

References · 6