First published: Mon Feb 04 2019(Updated: )
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/liblivemedia | 2018.11.26-1.1 | |
Live555 Streaming Media | <0.95 | |
Debian Debian Linux | =8.0 | |
<0.95 | ||
=8.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security issue is CVE-2019-7314.
The severity level of CVE-2019-7314 is critical, with a severity value of 9.8.
This vulnerability can cause a Use-After-Free error that leads to a crash (Segmentation fault) of the RTSP server or other unspecified impacts.
The affected software includes liblivemedia before version 2019.02.03, Live555 Streaming Media up to version 0.95, and Debian Linux version 8.0.
To fix CVE-2019-7314, update to version 2019.02.03 for liblivemedia, version 0.96 or later for Live555 Streaming Media, and consider upgrading to a later version of Debian Linux.