Vulnerability - CVE-2024-44331

Name

CVE-2024-44331

Source

NVD ( link)Debian ( link)

Description

Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests.

CWEs

CWE-120

Published Date

Oct 22, 2024

Updated Date

Jun 17, 2026

Workaround

Advisories

Analysis#

Affected Component

Analysis

gstreamer1.0-rtsp-server

Patched

Vulnerability Ratings#

7.5

CVSSv31

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

gst1-rtsp-server

buildroot

2025.02.x

1.24.13

Not Affected

gst1-rtsp-server

buildroot

master

1.24.13

Not Affected

gstreamer1.0-rtsp-server

yocto

kirkstone

1.20.7

Patched

gstreamer1.0-rtsp-server

yocto

master

1.28.4

Not Affected

Resolved with patches#

gstreamer1.0-rtsp-server (yocto:kirkstone)

Title

Author

Resolve

rtsp-server: Remove pointless assertions that can happen if

=?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>

CVE-2024-44331

gstreamer1.0-rtsp-server (yocto:scarthgap)

Title

Author

Resolve

rtsp-server: Remove pointless assertions that can happen if

=?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>

CVE-2024-44331