Unrated severityNVD Advisory· Published Oct 5, 2019· Updated Aug 5, 2024
CVE-2019-17192
CVE-2019-17192
Description
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs
Affected products
2- Signal/Private Messenger applicationdescription
Patches
Vulnerability mechanics
References
3- bugs.chromium.org/p/project-zero/issues/detailmitrex_refsource_MISC
- news.ycombinator.com/itemmitrex_refsource_MISC
- twitter.com/moxie/status/1180226374851710976mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.