VYPR

rpm package

opensuse/pulseaudio&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/pulseaudio&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2014-3970Jun 11, 2014
    affected < 9.0-2.3fixed 9.0-2.3

    The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.

  • CVE-2008-0008Jan 29, 2008
    affected < 15.0-3.1fixed 15.0-3.1

    The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls t