PipeWire Vulnerabilities Expose Ubuntu Systems to DoS Attacks
Ubuntu 24.04 LTS systems using PipeWire are vulnerable to denial-of-service attacks due to unbounded input handling flaws. Patches are available immediately.
TL;DR
- Two high-severity DoS vulnerabilities found in PipeWire media server
- Affects Ubuntu 24.04 LTS systems only
- Remote and local attackers can crash services via unbounded allocations
- CVE-2026-14324 impacts RAOP module's Content-Length parsing
- CVE-2026-14330 affects PulseAudio protocol server stack allocations
Ubuntu has disclosed two high-severity vulnerabilities in PipeWire that could allow attackers to crash media services on affected systems. These issues affect Ubuntu 24.04 LTS installations running the PipeWire multimedia framework, which handles audio and video processing across modern Linux desktops.
The vulnerabilities stem from improper validation of user-supplied data in network-facing components. Organizations using Ubuntu 24.04 LTS in production environments should prioritize applying the available security updates to prevent potential service disruptions.
Both flaws enable denial-of-service conditions without requiring authentication, making them particularly concerning for internet-facing systems that process multimedia streams.
Remote Attack Vector via RAOP Module
- CVE-2026-14324 allows remote attackers to send malicious Content-Length headers
- PipeWire's RAOP module fails to validate maximum header sizes
- Successful exploitation causes service crashes through resource exhaustion
- Only Ubuntu 24.04 LTS systems are affected by this specific vulnerability
- No authentication required for exploitation
Local Privilege Escalation Risk
- CVE-2026-14330 enables local users to trigger stack-based buffer overflows
- Unbounded stack allocations occur in PulseAudio protocol server implementation
- Attackers can cause daemon crashes leading to temporary service unavailability
- May impact system stability for multi-user multimedia environments
- Requires existing local access but no additional privileges
Sources
Sources
Security email updates
One digest email when we publish new security articles (TL;DR plus links to read more). Unsubscribe anytime from the message footer. See our Privacy Policy.