VDB

GCVE-110-MAGEIA-2021-313

GCVE-110-MAGEIA-2021-313
Advisory Published
Vulnetix · Advisory published July 4, 2021
Updated live packages fix security vulnerabilities: Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors (CVE-2019-15232). Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16 (CVE-2021-28899). The mplayer package has been rebuilt against the updated live package.

Affected Products

VendorProductVersionsPlatforms
Mageiamplayer0 (affected), 1.4-1.1.mga7.tainted (unaffected), 1.4-1.1.mga7 (unaffected), 0 (affected)
Mageialive0 (affected), 2021.06.25-1.mga7 (unaffected)
Mageiamplayer0 (affected), 1.4-9.3.mga8 (unaffected), 0 (affected), 1.4-9.3.mga8.tainted (unaffected)
Mageialive0 (affected), 2021.06.25-1.mga8 (unaffected)

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›