Main Vulnerability Database Vulnerabilities #VU20929

Resource management error in SRT (Secure Reliable Transport) - CVE-2019-15784

Published: September 8, 2019 / Updated: October 5, 2021

Vulnerability identifier: #VU20929

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-15784

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Haivision

Affected software:
SRT (Secure Reliable Transport)

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to CSndUList array overflow when processing multiple SRT connections. A remote attacker can create multiple SRT connections and perform denial of service attack.

How to mitigate CVE-2019-15784

Install update from vendor's website.

Sources

https://github.com/Haivision/srt/pull/811

Resource management error in SRT (Secure Reliable Transport) - CVE-2019-15784

Detailed vulnerability description

How to mitigate CVE-2019-15784

Sources

Please verify you're human