CVE-2007-1804: High severity PulseAudio vulnerability
PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value of FRAME_SIZE_MAX_ALLOW sent on TCP port 9875, which triggers a p->export assertion failure in do_read; (2) a PA_PSTREAM_DESCRIPTOR_LENGTH value of 0 sent on TCP port 9875, which triggers a length assertion failure in pa_memblock_new; or (3) an empty packet on UDP port 9875, which triggers a t assertion failure in pa_sdp_parse; and allows remote authenticated users to cause a denial of service (daemon crash) via a crafted packet on TCP port 9875 that (4) triggers a maxlength assertion failure in pa_memblockq_new, (5) triggers a size assertion failure in pa_xmalloc, or (6) plays a certain sound file.
Remediation
Patch Available
Frequently Asked Questions
What is the severity of CVE-2007-1804?
CVE-2007-1804 has a high severity level due to its potential to cause a denial of service by crashing the PulseAudio daemon.
How do I fix CVE-2007-1804?
To fix CVE-2007-1804, upgrade to a patched version of PulseAudio newer than 0.9.5 that resolves these vulnerabilities.
What impact does CVE-2007-1804 have on my system?
The impact of CVE-2007-1804 is that it can crash the PulseAudio daemon, leading to service interruptions.
Can CVE-2007-1804 be exploited remotely?
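Yes, CVE-2007-1804 can be exploited remotely. Unauthenticated attackers can trigger the crash with crafted packets on TCP port 9875 or an empty packet on UDP port 9875, and the remaining vectors require a remote authenticated user.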
Which versions of PulseAudio are affected by CVE-2007-1804?
PulseAudio version 0.9.5 is specifically affected by CVE-2007-1804.