AVG-2276 log

Package live-media
Status Fixed
Severity Medium
Type multiple issues
Affected 2021.07.20-1
Fixed 2021.08.09-1
Current 2023.01.19-1 [extra]
Ticket None
Created Tue Aug 10 19:27:53 2021
Issue Severity Remote Type Description
CVE-2021-38382 Medium Yes Arbitrary code execution
live-media before version 2021.08.06 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a...
CVE-2021-38381 Medium Yes Arbitrary code execution
live-media before version 2021.08.09 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a...
CVE-2021-38380 Low No Denial of service
live-media before version2021.08.04 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over- read. An attacker...