rpm package
opensuse/pulseaudio&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/pulseaudio&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-3970 | — | < 9.0-2.3 | 9.0-2.3 | Jun 11, 2014 | The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet. | ||
| CVE-2008-0008 | — | < 15.0-3.1 | 15.0-3.1 | Jan 29, 2008 | The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls t |
- CVE-2014-3970Jun 11, 2014affected < 9.0-2.3fixed 9.0-2.3
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.
- CVE-2008-0008Jan 29, 2008affected < 15.0-3.1fixed 15.0-3.1
The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls t