CVE-2024-34587

Name of the Vulnerable Software and Affected Versions librtp.so versions prior to SMR Jul-2024 Release 1

Description The issue is related to improper input validation when parsing application information from RTCP packets, allowing remote attackers to execute arbitrary code with system privilege. User interaction is required to trigger this issue.

Recommendations For versions prior to SMR Jul-2024 Release 1, update to SMR Jul-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the librtp.so library until a patch is available.