CVE-2026-1110 – A buffer overflow vulnerability exists in the r... (How to Fix)

📋 TL;DR

A buffer overflow vulnerability exists in the rtsp_parse_method function of cijliu librtsp, allowing local attackers to potentially execute arbitrary code or cause denial of service. This affects systems using librtsp up to commit 2ec1a81ad65280568a0c7c16420d7c10fde13b04. The vendor has not responded to disclosure attempts.

💻 Affected Systems

Products:

cijliu librtsp

Versions: Up to commit 2ec1a81ad65280568a0c7c16420d7c10fde13b04

Operating Systems: All platforms running librtsp

Default Config Vulnerable: ⚠️ Yes

Notes: No specific version numbers available due to continuous delivery/rolling release model. All instances using vulnerable code are affected.

📦 What is this software?

Librtsp by Cijliu

View all CVEs affecting Librtsp →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation leading to full system compromise via arbitrary code execution.

🟠

Likely Case

Application crash or denial of service affecting RTSP functionality.

🟢

If Mitigated

Limited impact if proper memory protections (ASLR, DEP) are enabled and the application runs with minimal privileges.

🌐 Internet-Facing: LOW - Attack requires local host access according to description.

🏢 Internal Only: MEDIUM - Local attackers could exploit this if they have access to systems running vulnerable librtsp.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and knowledge of buffer overflow exploitation techniques. No public exploit code identified in references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown - vendor unresponsive

Vendor Advisory: None available

Restart Required: Yes

Instructions:

1. Monitor GitHub repository for security updates
2. Consider switching to alternative RTSP library
3. Apply community patches if available

🔧 Temporary Workarounds

Disable or restrict librtsp usage

linux

Remove or disable applications using vulnerable librtsp library

Identify processes using librtsp: lsof | grep librtsp
Stop affected services

Apply memory protection controls

linux

Enable ASLR, DEP, and other memory protection mechanisms

sysctl -w kernel.randomize_va_space=2
Check /proc/sys/kernel/exec-shield

🧯 If You Can't Patch

Implement strict access controls to limit local user access to systems running librtsp
Monitor systems for abnormal process behavior or crashes related to RTSP functionality

🔍 How to Verify

Check if Vulnerable:

Check librtsp version/git commit: strings /path/to/librtsp.so | grep -i commit || git log --oneline -1

Check Version:

git log --oneline -1 (if source) or check library metadata

Verify Fix Applied:

Verify updated commit hash is later than 2ec1a81ad65280568a0c7c16420d7c10fde13b04

📡 Detection & Monitoring

Log Indicators:

Application crashes with segmentation faults
Abnormal termination of RTSP-related processes

Network Indicators:

Unusual local RTSP traffic patterns

SIEM Query:

process.name:librtsp AND (event.type:crash OR signal.name:SIGSEGV)

📊 Metadata

CVE ID: CVE-2026-1110

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-119

EPSS Score: 0.01% exploit probability (2.3th percentile)

Published: January 18, 2026

Last Updated: February 18, 2026

🔗 References

https://github.com/fizz-is-on-the-way/vuls_protocol/blob/main/librtsp_rtsp_parse_method/librtsp_rtsp_parse_method.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.341702 Permissions Required,VDB Entry
https://vuldb.com/?id.341702 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.732603 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-1110, you might also want to check these: