Vulnerabilities > CVE-2014-3970 - Unspecified vulnerability in Pulseaudio

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
pulseaudio
nessus

Summary

The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_13_1_OPENSUSE-2014--140723.NASL
    description	This update fixes the following security issue: 	(bnc#881524) CVE-2014-3970 - Denial of service in module-rtp-recv
    last seen2017-10-29
    modified2014-08-08
    plugin id76934
    published2014-07-31
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=76934
    titleopenSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)
    code
    #%NASL_MIN_LEVEL 999999
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a security fix.
    #
    # Disabled on 2014/08/08.
    #
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2014--1.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(76934);
      script_version("1.3");
      script_cvs_date("Date: 2018/07/20  0:18:55");
    
      script_cve_id("CVE-2014-3970");
    
      script_name(english:"openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)");
      script_summary(english:"Check for the openSUSE-2014--1 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "	This update fixes the following security issue: 	(bnc#881524)
    CVE-2014-3970 - Denial of service in module-rtp-recv"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected openSUSE-2014- packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse-mainloop-glib0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse-mainloop-glib0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse-mainloop-glib0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse-mainloop-glib0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpulse0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-esound-compat");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-gdm-hooks");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-lang");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-bluetooth");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-bluetooth-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-gconf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-gconf-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-jack");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-jack-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-lirc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-lirc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-x11");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-x11-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-zeroconf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-module-zeroconf-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-system-wide");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pulseaudio-utils-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/07/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/07/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    # Deprecated.
    exit(0, "The associated patch is not currently a security fix.");
    
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.1", reference:"libpulse-devel-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libpulse-mainloop-glib0-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libpulse-mainloop-glib0-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libpulse0-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libpulse0-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-debugsource-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-esound-compat-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-gdm-hooks-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-lang-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-bluetooth-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-bluetooth-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-gconf-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-gconf-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-jack-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-jack-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-lirc-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-lirc-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-x11-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-x11-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-zeroconf-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-module-zeroconf-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-system-wide-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-utils-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"pulseaudio-utils-debuginfo-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libpulse-mainloop-glib0-32bit-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libpulse-mainloop-glib0-debuginfo-32bit-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libpulse0-32bit-4.0.git.270.g9490a-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libpulse0-debuginfo-32bit-4.0.git.270.g9490a-12.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
      else security_note(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpulse-devel / libpulse-mainloop-glib0-32bit / etc");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-134.NASL
    descriptionUpdated pulseaudio package fixes RTP remote crash vulnerability : PulseAudio versions shipped in mbs2 were vulnerable to a remote RTP attack which could crash the PulseAudio server simply by sending an empty UDP packet. Additionally, the version of PulseAudio shipped in mbs2 was a pre-release version of PulseAudio v5 and has been updated to the official final version.
    last seen2020-06-01
    modified2020-06-02
    plugin id82387
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82387
    titleMandriva Linux Security Advisory : pulseaudio (MDVSA-2015:134)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-8183.NASL
    descriptionRebase current post-4.0 snapshot to 5.0 release, see also: http://www.freedesktop.org/wiki/Software/PulseAudio/Notes/5.0/ This update restores compatibility with pulseaudio upstream ABI, and includes rebuilds of affected fedora packages. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-07-26
    plugin id76845
    published2014-07-26
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76845
    titleFedora 20 : qt-mobility-1.2.2-0.16.20140317git169da60c.fc20 / audacious-plugins-3.4.3-2.fc20 / etc (2014-8183)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_LIBPULSE-BROWSE0-140729.NASL
    descriptionThe following security issue is fixed in this update : - Fixed a remote denial of service attack in module-rtp-recv. (CVE-2014-3970)
    last seen2020-06-05
    modified2014-08-13
    plugin id77179
    published2014-08-13
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77179
    titleSuSE 11.3 Security Update : pulseaudio (SAT Patch Number 9568)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-477.NASL
    description	This update fixes the following security issue: 	(bnc#881524) CVE-2014-3970 - Denial of service in module-rtp-recv
    last seen2020-06-05
    modified2014-08-01
    plugin id76960
    published2014-08-01
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/76960
    titleopenSUSE Security Update : pulseaudio (openSUSE-2014-477)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_12_3_OPENSUSE-2014--140723.NASL
    description	This update fixes the following security issue: 	(bnc#881524) CVE-2014-3970 - Denial of service in module-rtp-recv
    last seen2017-10-29
    modified2014-08-08
    plugin id76931
    published2014-07-31
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=76931
    titleopenSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)