Bug 2258054 (CVE-2023-37117)

Summary: CVE-2023-37117 live555: stack use-after-return while handling the SETUP client request
Product: [Other] Security Response Reporter: TEJ RATHI <trathi>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2258055    
Bug Blocks:    

Description TEJ RATHI 2024-01-12 12:12:52 UTC 
A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP.

http://lists.live555.com/pipermail/live-devel/2023-June/022331.html
http://www.live555.com/liveMedia/public/changelog.txt
Comment 1 TEJ RATHI 2024-01-12 12:13:17 UTC 
Created live555 tracking bugs for this issue:

Affects: fedora-all [bug 2258055]
Comment 2 Dominik 'Rathann' Mierzejewski 2024-04-09 21:22:58 UTC 
We never had a vulnerable version in Fedora or EPEL. 2023.06.20 was imported and this was fixed in 2023.06.14:

http://lists.live555.com/pipermail/live-devel/2023-June/022332.html

http://www.live555.com/liveMedia/public/changelog.txt
...
2023.06.14:
- Fixed a bug in the Matroska file parsing code that could sometimes cause a 'use after free'
  error.  (Thanks to Meng Ruijie, Martin Mirchev, and "jerry testing" for reporting this.)
Comment 3 TEJ RATHI 2024-04-10 05:25:26 UTC 
In reply to comment #2:
> We never had a vulnerable version in Fedora or EPEL. 2023.06.20 was imported
> and this was fixed in 2023.06.14:
> 
> http://lists.live555.com/pipermail/live-devel/2023-June/022332.html
> 
> http://www.live555.com/liveMedia/public/changelog.txt
> ...
> 2023.06.14:
> - Fixed a bug in the Matroska file parsing code that could sometimes cause a
> 'use after free'
>   error.  (Thanks to Meng Ruijie, Martin Mirchev, and "jerry testing" for
> reporting this.)

Hey Dominik,

Thanks for letting me know.