CNNVD-202601-3183 Information
CNNVD ID
CNNVD-202601-3183
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
OwnTone是开源(OwnTone)的一个 Linux/FreeBSD DAAP (iTunes)、MPD (Music Player Daemon) 和 RSP (Roku) 媒体服务器。 OwnTone存在安全漏洞,该漏洞源于dacp_reply_playqueueedit_clear函数存在空指针取消引用,可能导致拒绝服务。
Description (English)
OwnTone is a Linux/FreeBSD DAAP (iTunes), MPD (Music Player Daemon) and RSP (Roku) media server. There is a security loophole in OwnTone, which stems from the empty pointer unreferenced in the dacp reply playqueueedit clar function, which may lead to the denial of service.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
开源
Published
2026-01-20
Last Modified
2026-02-24
References
https://github.com/archersec/security-advisories/blob/master/owntone-server/owntone-server-advisory-2025.md https://github.com/owntone/owntone-server/commit/5e4d40ee03ae22ab79534bb1410fa9db96c9fabd https://github.com/owntone/owntone-server/issues/1907 https://access.redhat.com/security/cve/cve-2025-57156
Patch
https://github.com/owntone/owntone-server/releases
Share on: