Описание
ELSA-2020-3873: libsrtp security and bug fix update (MODERATE)
[1.4.4-11.20101004cvs]
-
Fix global buffer overflow Resolves: bz#1301202
-
Fix improper handling of CSRC count and extension header length in RTP header Resolves: bz#1323705
-
Fix buffer overflow in application of crypto profiles Resolves: bz#1141897
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
libsrtp
1.4.4-11.20101004cvs.el7
libsrtp-devel
1.4.4-11.20101004cvs.el7
Oracle Linux x86_64
libsrtp
1.4.4-11.20101004cvs.el7
libsrtp-devel
1.4.4-11.20101004cvs.el7
Связанные CVE
Связанные уязвимости
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows ...
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.