Lucene search
Gentoo FoundationMGASA-2014-0440HistoryNov 02, 2014 - 4:14 p.m.
Updated pulseaudio package fixes RTP remote crash vulnerability
2014-11-0216:14:49
Gentoo Foundation
advisories.mageia.org
9
2.9 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:N/I:N/A:P
0.021 Low
EPSS
Percentile
89.0%
PulseAudio versions shipped in Mageia 3 and 4 were vulnerable to a remote RTP attack which could crash the PulseAudio server simply by sending an empty UDP packet. Additionally, the version of PulseAudio shipped in Mageia 4 was a pre-release version of PulseAudio v5 and has been updated to the official final version.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | pulseaudio | < 3.0-7.1 | pulseaudio-3.0-7.1.mga3 |
| Mageia | 4 | noarch | pulseaudio | < 5.0-1 | pulseaudio-5.0-1.mga4 |
References
Related
fedora
fedora
[SECURITY] Fedora 20 Update: paprefs-0.9.10-7.fc20
2014-07-26 00:11:15
[SECURITY] Fedora 20 Update: cinnamon-2.2.14-5.fc20
2014-07-26 00:11:16
[SECURITY] Fedora 20 Update: gnome-settings-daemon-3.10.3-2.fc20
2014-07-26 00:11:14
openvas
openvas
Fedora Update for cinnamon-control-center FEDORA-2014-8183
2014-07-28 00:00:00
Fedora Update for phonon FEDORA-2014-8183
2014-07-28 00:00:00
Fedora Update for sidplayfp FEDORA-2014-8183
2014-07-28 00:00:00
debiancve
debiancve
CVE-2014-3970
2014-06-11 14:55:00
securityvulns
securityvulns
[ MDVSA-2015:134 ] pulseaudio
2015-04-19 00:00:00
PulseAudio DoS
2015-04-19 00:00:00
prion
prion
Design/Logic Flaw
2014-06-11 14:55:00
nessus
nessus
ubuntucve
ubuntucve
CVE-2014-3970
2014-06-11 00:00:00
cve
cve
CVE-2014-3970
2014-06-11 14:55:00
2.9 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:N/I:N/A:P
0.021 Low
EPSS
Percentile
89.0%
Related for MGASA-2014-0440