FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gstreamer1-rtsp-server -- Potential Denial-of-Service (DoS) with specially crafted client requests

Affected packages
1.18.0 <= gstreamer1-rtsp-server < 1.24.9

Details

VuXML ID d48a2224-9b4c-11ef-bdd9-4ccc6adda413
Discovery 2024-10-29
Entry 2024-11-07

Qingpeng Du reports:

A series of specially crafted client requests during streaming setup (post client authentication, if any) can cause the RTSP server library to abort, if it has been compiled with assertions enabled.

[source]

References

CVE Name CVE-2024-44331
URL https://gstreamer.freedesktop.org/security/sa-2024-0004.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.