CVE-2025-49140
- Source
- https://cve.org/CVERecord?id=CVE-2025-49140
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49140.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-49140
- Aliases
- Downstream
- Related
- Published
- 2025-06-09T21:13:12.388Z
- Modified
- 2026-04-02T12:51:11.058227Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
- Details
-
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should upgrade to v0.1.39 or later, which validates that:
padLen > 0 && padLen <= payloadLengthand return error on overflow, avoiding panic. If upgrading is not possible, apply the patch from the pull request manually or drop packets whose P-bit is set but whose padLen is zero or larger than the remaining payload. - Database specific
{ "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-770" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/49xxx/CVE-2025-49140.json" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/49xxx/CVE-2025-49140.json
- https://github.com/pion/interceptor/security/advisories/GHSA-f26w-gh5m-qq77
- https://nvd.nist.gov/vuln/detail/CVE-2025-49140
- https://github.com/pion/webrtc/issues/3148
- https://github.com/pion/interceptor/commit/fa5b35ea867389cec33a9c82fffbd459ca8958e5
- https://github.com/pion/interceptor/pull/338