CVE-2026-1109: Buffer Overflow in cijliu librtsp
A vulnerability was detected in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. The impacted element is the function rtsp_parse_request. The manipulation results in buffer overflow. Attacking locally is a requirement. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2026-1109 identifies a buffer overflow vulnerability in the rtsp_parse_request function of the cijliu librtsp library, affecting the code base up to commit 2ec1a81ad65280568a0c7c16420d7c10fde13b04. The vulnerability arises from improper handling of input data during RTSP request parsing, allowing a local attacker with low privileges to overflow a buffer. This can lead to memory corruption, potentially enabling partial compromise of confidentiality, integrity, or availability of the affected system. Exploitation requires local access, no user interaction, and no privileges beyond low-level local permissions. The vendor uses a rolling release approach, which complicates version tracking and patch availability; no official patch or response has been provided. The CVSS score of 4.8 reflects the limited attack vector and partial impact. No known exploits have been reported in the wild, but the vulnerability remains a concern for environments embedding librtsp for RTSP streaming functionality. The lack of vendor engagement and patch availability increases risk for organizations relying on this library.
Potential Impact
The buffer overflow vulnerability could allow a local attacker to corrupt memory, potentially leading to denial of service or partial unauthorized access to sensitive information. While exploitation requires local access, the impact on confidentiality, integrity, and availability is partial but non-negligible. Systems running RTSP streaming services or media servers embedding librtsp may experience crashes or unexpected behavior, disrupting service availability. In environments where RTSP is used for surveillance, media delivery, or real-time streaming, this could degrade operational reliability. The absence of vendor patches and public exploits means the threat is currently theoretical but could be weaponized if combined with other vulnerabilities or privilege escalation techniques. Organizations with multi-user systems or shared hosting environments are at increased risk due to the local attack requirement.
Mitigation Recommendations
Organizations should first identify all instances of the cijliu librtsp library in their environments, particularly those handling RTSP streaming. Given the lack of official patches, consider applying manual code review and hardening around the rtsp_parse_request function to validate input lengths and prevent buffer overflows. Employ runtime protections such as Address Space Layout Randomization (ASLR), stack canaries, and memory protection mechanisms to mitigate exploitation impact. Restrict local access to trusted users only and monitor for unusual local activity that might indicate exploitation attempts. If possible, isolate RTSP services using librtsp in sandboxed or containerized environments to limit damage scope. Engage with the vendor or community for updates or unofficial patches. Finally, maintain robust system and application logging to detect anomalous behavior related to RTSP parsing.
Affected Countries
United States, China, Germany, Japan, South Korea, United Kingdom, France, India, Canada, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-01-17T08:49:18.470Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 696c52f7d302b072d965579e
Added to database: 1/18/2026, 3:26:47 AM
Last enriched: 2/23/2026, 10:49:40 PM
Last updated: 3/25/2026, 5:40:12 AM