Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235013
Summary: CVE-2007-1804: pulseaudio 0.9.5 DoS Product: Fedora Extras Version: fc6 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: pulseaudio AssignedTo: drzeus-bugzilla@drzeus.cx ReportedBy: ville.skytta@iki.fi QAContact: extras-qa@fedoraproject.org CC: fedora-security-list@redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1804
"PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value of FRAME_SIZE_MAX_ALLOW sent on TCP port 9875, which triggers a p->export assertion failure in do_read; (2) a PA_PSTREAM_DESCRIPTOR_LENGTH value of 0 sent on TCP port 9875, which triggers a length assertion failure in pa_memblock_new; or (3) an empty packet on UDP port 9875, which triggers a t assertion failure in pa_sdp_parse; and allows remote authenticated users to cause a denial of service (daemon crash) via a crafted packet on TCP port 9875 that (4) triggers a maxlength assertion failure in pa_memblockq_new, (5) triggers a size assertion failure in pa_xmalloc, or (6) plays a certain sound file."
FC5, FC6, devel have 0.9.5 at the moment.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: CVE-2007-1804: pulseaudio 0.9.5 DoS
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235013
------- Additional Comments From lennart@poettering.de 2007-05-28 16:47 EST ------- PulseAudio 0.9.6 fixes these issues.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: CVE-2007-1804: pulseaudio 0.9.5 DoS
https://bugzilla.redhat.com/show_bug.cgi?id=235013
bugzilla@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Product|Fedora Extras |Fedora
drzeus-bugzilla@drzeus.cx changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |drzeus-bugzilla@drzeus.cx AssignedTo|drzeus-bugzilla@drzeus.cx |lpoetter@redhat.com
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: CVE-2007-1804: pulseaudio 0.9.5 DoS
https://bugzilla.redhat.com/show_bug.cgi?id=235013
------- Additional Comments From lpoetter@redhat.com 2007-09-07 06:23 EST ------- This has been fixed for quite a while in Rawhide. Since these all are issues that only trigger an assert() they are quite a low priority. Also, to trigger them some non-standard modules need to be loaded into the sound server. Thus, I so no need to provide updates for FC5/FC6.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: CVE-2007-1804: pulseaudio 0.9.5 DoS
https://bugzilla.redhat.com/show_bug.cgi?id=235013
lpoetter@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution| |RAWHIDE
security@lists.fedoraproject.org
-
Red Hat Bugzilla