Vulnerabilities > CVE-2021-38382 - Use After Free vulnerability in Live555

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
live555
CWE-416
NVD
Published: 2021-08-10
Updated: 2023-11-07

Summary

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

Vulnerable Configurations

Part Description Count
Application
Live555
67

Common Weakness Enumeration (CWE)

References