CVE-2022-40016

Published: Feb 15, 2023Modified: Jun 17, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Use After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows attackers to cause a denial of service.

Affected (1)

Products: Media Server Project: Media Server

Media Server Project

1 product

Media Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Media Server Project Media Server	Before 2022-08-06

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (2)

https://github.com/ireader/media-server/issues/235

Source: cve@mitre.org

ExploitIssue TrackingVendor Advisory

https://github.com/ireader/media-server/issues/235

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingVendor Advisory

Timeline

No history available yet.