CVE-2021-38382

Name
CVE-2021-38382
Description
Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC http://www.live555.com/liveMedia/public/changelog.txt#[2021.08.06]
MISC http://lists.live555.com/pipermail/live-devel/2021-August/021959.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:live555:live555:*:*:*:*:*:*:*:* live555 >= None <= 1.08
cpe:2.3:a:live555:live555:*:*:*:*:*:*:*:* live555 >= None < 2021.08.06

Vulnerable and fixed packages

Source package Branch Version Maintainer Status