CVE-2014-3970 Information

Description

The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.

Reference

http://advisories.mageia.org/MGASA-2014-0440.html http://lists.freedesktop.org/archives/pulseaudio-discuss/2014-May/020740.html http://seclists.org/oss-sec/2014/q2/429 http://seclists.org/oss-sec/2014/q2/437 http://secunia.com/advisories/60624 http://www.mandriva.com/security/advisories?name=MDVSA-2015:134 http://www.securityfocus.com/bid/67814