CNNVD-202601-3184 Information

CNNVD ID

CNNVD-202601-3184

Related CVE

CVE-2025-57155

• CNNVD Published: 2026-01-20

Description (Chinese)

OwnTone是开源（OwnTone）的一个 Linux/FreeBSD DAAP (iTunes)、MPD (Music Player Daemon) 和 RSP (Roku) 媒体服务器。 OwnTone存在安全漏洞，该漏洞源于daap_reply_groups函数存在空指针取消引用，可能导致拒绝服务。

Description (English)

OwnTone is a Linux/FreeBSD DAAP (iTunes), MPD (Music Player Daemon) and RSP (Roku) media server. There is a security loophole in OwnTone, which stems from the absence of an empty pointer to cancel references in the daap reply groups function, which may lead to the denial of service.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

开源

Published

2026-01-20

Last Modified

2026-02-24

References

https://github.com/archersec/security-advisories/blob/master/owntone-server/owntone-server-advisory-2025.md https://github.com/owntone/owntone-server/commit/d857116e4143a500d6a1ea13f4baa057ba3b0028

Patch

https://github.com/owntone/owntone-server/releases