Buffer overflow in Cisco Libsrtp

CVE-2013-2139

Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functi…

Vulnerability class: Buffer Overflow

EPSS: 0.018 (83.2th percentile) — read the EPSS interpretation.

Affected products

Cisco Libsrtp — versions 1.0.1, 1.0.2, 1.0.4
Fedoraproject Fedora — versions 18, 19, 20
Opensuse — versions 12.3, 13.1
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

MDVSA-2014:219 (vendor-advisory, x_refsource_MANDRIVA)
secalert@redhat.com (x_refsource_CONFIRM)
20130603 [GTA-2013-01] - Libsrtp srtp_protect/hmac_compute buffer overflow (mailing-list, x_refsource_FULLDISC)
FEDORA-2013-24153 (x_refsource_FEDORA, vendor-advisory)
DSA-2840 (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM)
93852 (x_refsource_OSVDB, vdb-entry)
openSUSE-SU-2014:1250 (vendor-advisory, x_refsource_SUSE)
openSUSE-SU-2013:1258 (vendor-advisory, x_refsource_SUSE)