Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 677276 (CVE-2019-7314)

Summary: <media-plugins/live-2020.03.06: mishandles the termination of an RTSP stream (CVE-2019-7314)
Product: Gentoo Security Reporter: D'juan McDonald (domhnall) <flopwiki>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: minor CC: media-video
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also:
Whiteboard: C3 [glsa+ cve cleanup]
Package list:
Runtime testing required: ---
Bug Depends on: 669276    
Bug Blocks:    

Description D'juan McDonald (domhnall) 2019-02-04 19:24:09 UTC

liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.

Gentoo Security Padawan
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-19 03:53:42 UTC
@maintainer(s), please create an appropriate ebuild.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2020-05-14 22:07:47 UTC
This issue was resolved and addressed in
 GLSA 202005-06 at
by GLSA coordinator Thomas Deutschmann (whissi).