VYPR

Vendor: Pulseaudio

Products: 1
CVEs: 9
Across products: 9
Status: Private

Recent CVEs: 9

  • CVE-2007-1804 (Apr 2, 2007)
    risk 0.04 | cvss | epss 0.07

    PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value of FRAME_SIZE_MAX_ALLOW sent on TCP port 9875, which triggers a p->export assertion failure in do_read; (2) a PA_PSTREAM_DESCRIPTOR_LENGTH value of 0…

  • CVE-2009-1894 (Jul 17, 2009)
    risk 0.03 | cvss | epss 0.01

    Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.

  • CVE-2024-11586 (Nov 23, 2024)
    risk 0.00 | cvss | epss 0.00

    Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.

  • CVE-2020-16123 (Dec 3, 2020)
    risk 0.00 | cvss | epss 0.00

    An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This…

  • CVE-2020-15710 (Nov 19, 2020)
    risk 0.00 | cvss | epss 0.00

    Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c.…

  • CVE-2020-11931 (May 15, 2020)
    risk 0.00 | cvss | epss 0.00

    An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy…

  • CVE-2014-3970 (Jun 11, 2014)
    risk 0.00 | cvss | epss 0.01

    The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.

  • CVE-2009-1299 (Mar 18, 2010)
    risk 0.00 | cvss | epss 0.00

    The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file.

  • CVE-2008-0008 (Jan 29, 2008)
    risk 0.00 | cvss | epss 0.01

    The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls…