[Live-devel] Heap Use-After-Free Bug in live555 (2024-10-10)

Hello, My name is Sangjun Park, and I am a fuzzing researcher.I have discovered a heap use-after-free (UAF) vulnerability in the live555 streaming media server (version 2024-10-10) running on Ubuntu 20.04. The issue arises when the server handles a sequence of client requests very quickly, le

Re: [Live-devel] C++20 dependency taken in 2023.06.16 or .20

You can overcome this by adding -DNO_STD_LIB=1 to your command line options Ross Finlayson Live Networks, Inc. http://www.live555.com/ ___ live-devel mailing list live-devel@lists.live555.com http://lists.live555.com/mailman/listinfo/live-devel

[Live-devel] C++20 dependency taken in 2023.06.16 or .20

On attempting to update an existing code base that builds under C++17, we’re now getting this build error: live555/BasicUsageEnvironment/BasicTaskScheduler.cpp: In member function ‘virtual void BasicTaskScheduler::SingleStep(unsigned int)’: live555/BasicUsageEnvironment/BasicTaskScheduler.cpp:1

Re: [Live-devel] Stack-Use-After-Return Bug in live555

I have just installed a new version (2024-10-10) of the “LIVE555 Streaming Media” code that fixes this issue (along with the other bugs that you reported yesterday). IMPORTANT NOTE: If you have a product or service that uses the LIVE555 RTSP server implementation (including the LIVE555 Proxy S

Re: [Live-devel] Heap Use-After-Free Bug(1) in live555 (2024-09-29)

Sangjun, Many thanks for these bug reports. I believe that your reports 1, 2 and 3 were all caused by a single bug in the LIVE555 RTSP server code. I have just released a new version (2024-10-09) of the “LIVE555 Streaming Media” code that, I believe, fixes this. I am still investigating your

[Live-devel] Stack-Use-After-Return Bug in live555

My name is Sangjun Park, and I am a fuzzing researcher. I have discovered a stack-use-after-return vulnerability in the live555 streaming media server (version 2024-09-29) running on Ubuntu 20.04. The issue occurs when the server processes a sequence of SETUP and other client requests, leading

[Live-devel] Heap Use-After-Free Bug(3) in live555 (2024-09-29)

Hello, My name is Sangjun Park, and I am a fuzzing researcher. I have discovered a heap use-after-free (UAF) vulnerability in the live555 streaming media server (version 2024-09-29) running on Ubuntu 20.04. The issue arises when the server handles a sequence of SETUP and other related client

[Live-devel] Heap Use-After-Free Bug(2) in live555 (2024-09-29)

Hello, My name is Sangjun Park, and I am a fuzzing researcher. I have identified a heap use-after-free (UAF) vulnerability in the live555 streaming media server (version 2024-09-29) running on Ubuntu 20.04. The issue occurs when the server processes a sequence of SETUP -> PLAY -> DESCRIBE req

[Live-devel] Heap Use-After-Free Bug(1) in live555 (2024-09-29)

Hello, My name is Sangjun Park, and I am a fuzzing researcher. I have discovered a heap use-after-free (UAF) vulnerability in the live555 streaming media server (version 2024-09-29), running on Ubuntu 20.04. The issue occurs when the server processes a sequence of SETUP -> PLAY -> POST requests