Все бюллетени/c10f2/ALT-PU-2024-15948-3
ALT-PU-2024-15948-3

Обновление пакета libpjsip в ветке c10f2

Версия2.14.1-alt1
Задание#363051
Опубликовано2024-11-22
Макс. серьёзностьCRITICAL
Серьёзность:

Закрытые проблемы (36)

BDU:2022-01086
HIGH7.3

Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с целочисленной потерей значимости, позволяющая нарушителю выполнить произвольный код

Опубликовано: 2022-03-04Изменено: 2024-04-03
CVSS 3.xВЫСОКАЯ 7.3
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
Ссылки
BDU:2022-01087
HIGH7.3

Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код

Опубликовано: 2022-03-04Изменено: 2024-04-03
CVSS 3.xВЫСОКАЯ 7.3
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
Ссылки
BDU:2022-01449
CRITICAL9.8

Уязвимость функции pjsua_playlist_create мультимедийной коммуникационной библиотеки PJSIP, связанная с переполнением буфера в стека, позволяющая нарушителю выполнить произвольный код

Опубликовано: 2022-03-25Изменено: 2024-04-03
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2022-01450
CRITICAL9.8

Уязвимость функции pjsua_call_dump мультимедийной коммуникационной библиотеки PJSIP, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный кодд

Опубликовано: 2022-03-25Изменено: 2024-04-03
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2022-01451
CRITICAL9.8

Уязвимость функции pjsua_recorder_create мультимедийной коммуникационной библиотеки PJSIP, связанная с переполнением буфера в стека, позволяющая нарушителю выполнить произвольный код

Опубликовано: 2022-03-25Изменено: 2024-04-03
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2022-01452
CRITICAL9.8

Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с переполнением буфера в стеке, позволяющая нарушителю выполнить произвольный код

Опубликовано: 2022-03-25Изменено: 2024-04-03
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2022-01458
HIGH7.5

Уязвимость функции pjsua_recorder_create мультимедийной коммуникационной библиотеки PJSIP, связанная с чтением за границами буфера памяти, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2022-03-25Изменено: 2024-04-03
CVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0ВЫСОКАЯ 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
Ссылки
BDU:2022-02055
MEDIUM5.9

Уязвимость SSL-сокета системы управления IP-телефонией Asterisk, реализации протокола SIP PJSIP, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2022-04-11Изменено: 2022-10-18
CVSS 3.xСРЕДНЯЯ 5.9
CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0ВЫСОКАЯ 7.1
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C
Ссылки
BDU:2022-02185
CRITICAL9.1

Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2022-04-13Изменено: 2024-04-03
CVSS 3.xКРИТИЧЕСКАЯ 9.1
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVSS 2.0КРИТИЧЕСКАЯ 9.4
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C
Ссылки
BDU:2022-02186
MEDIUM5.9

Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2022-04-13Изменено: 2024-04-03
CVSS 3.xСРЕДНЯЯ 5.9
CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 5.4
CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C
Ссылки
BDU:2022-02207
MEDIUM5.9

Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с ошибками синхронизации при использовании общего ресурса, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2022-04-13
CVSS 3.xСРЕДНЯЯ 5.9
CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0СРЕДНЯЯ 5.4
CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C
Ссылки
BDU:2022-02209
CRITICAL9.1

Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2022-04-13Изменено: 2024-04-03
CVSS 3.xКРИТИЧЕСКАЯ 9.1
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVSS 2.0КРИТИЧЕСКАЯ 9.4
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C
Ссылки
BDU:2022-03168
HIGH8.5

Уязвимость реализации функции pjsip_auth_create_digest() мультимедийной коммуникационной библиотеки PJSIP, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Опубликовано: 2022-05-30
CVSS 3.xВЫСОКАЯ 8.5
CVSS:3.x/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.1
CVSS:2.0/AV:N/AC:H/Au:S/C:C/I:C/A:C
Ссылки
BDU:2022-03169
HIGH7.5

Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с выполнением цикла с недоступным условием выхода, позволяющая нарушителю вызвать отказ в обслуживании

Опубликовано: 2022-05-30Изменено: 2022-11-21
CVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0ВЫСОКАЯ 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
Ссылки
BDU:2022-03171
HIGH8.6

Уязвимость реализации функций pjmedia_sdp_print() и pjmedia_sdp_media_print() интерфейса PJSUA2 API мультимедийной коммуникационной библиотеки PJSI, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Опубликовано: 2022-05-30Изменено: 2022-11-21
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
CVSS 2.0КРИТИЧЕСКАЯ 9.0
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:C
Ссылки
BDU:2022-07479
MEDIUM6.5

Уязвимость мультимедиа библиотеки PJSIP, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю выполнить произвольный код в целевой системе

Опубликовано: 2022-12-28Изменено: 2024-04-03
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVSS 2.0СРЕДНЯЯ 6.1
CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:N/A:C
Ссылки
CVE-2021-32686
MEDIUM5.9

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/listener may get destroyed during handshake. Both issues were reported to happen intermittently in heavy load TLS connections. They cause a crash, resulting in a denial of service. These are fixed in version 2.11.1.

Опубликовано: 2021-07-23Изменено: 2025-11-04
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 5.9
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2021-37706
CRITICAL9.8

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.

Опубликовано: 2021-12-22Изменено: 2025-11-04
CVSS 2.0КРИТИЧЕСКАЯ 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2021-41141
HIGH7.5

PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently held locks. This could result in a system deadlock, which cause a denial of service for the users. No release has yet been made which contains the linked fix commit. All versions up to an including 2.11.1 are affected. Users may need to manually apply the patch.

Опубликовано: 2022-01-04Изменено: 2024-11-21
CVSS 2.0ВЫСОКАЯ 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2021-43299
CRITICAL9.8

Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

Опубликовано: 2022-02-16Изменено: 2025-11-04
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2021-43300
CRITICAL9.8

Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

Опубликовано: 2022-02-16Изменено: 2025-11-04
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2021-43301
CRITICAL9.8

Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

Опубликовано: 2022-02-16Изменено: 2025-11-04
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2021-43302
CRITICAL9.1

Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.

Опубликовано: 2022-02-16Изменено: 2025-11-04
CVSS 2.0СРЕДНЯЯ 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Ссылки
CVE-2021-43303
CRITICAL9.8

Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied

Опубликовано: 2022-02-16Изменено: 2025-11-04
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2021-43804
HIGH7.3

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against the actual received packet size, potentially resulting in an out-of-bound read access. This issue affects all users that use PJMEDIA and RTCP. A malicious actor can send a RTCP BYE message with an invalid reason length. Users are advised to upgrade as soon as possible. There are no known workarounds.

Опубликовано: 2021-12-22Изменено: 2025-11-04
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 7.3
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Ссылки
CVE-2021-43845
CRITICAL9.1

PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if incoming RTCP XR message contain block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read access. This affects all users that use PJMEDIA and RTCP XR. A malicious actor can send a RTCP XR message with an invalid packet size.

Опубликовано: 2021-12-27Изменено: 2025-11-04
CVSS 2.0СРЕДНЯЯ 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Ссылки
CVE-2022-21722
CRITICAL9.1

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects all users that use PJMEDIA and accept incoming RTP/RTCP. A patch is available as a commit in the `master` branch. There are no known workarounds.

Опубликовано: 2022-01-27Изменено: 2025-11-04
CVSS 2.0СРЕДНЯЯ 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Ссылки
CVE-2022-21723
CRITICAL9.1

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds.

Опубликовано: 2022-01-27Изменено: 2025-11-04
CVSS 2.0СРЕДНЯЯ 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Ссылки
CVE-2022-23537
CRITICAL9.8

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1).

Опубликовано: 2022-12-20Изменено: 2025-11-04
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2022-23608
CRITICAL9.8

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue.

Опубликовано: 2022-02-22Изменено: 2025-11-04
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2022-24754
CRITICAL9.8

PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`). This issue has been patched in the master branch of the PJSIP repository and will be included with the next release. Users unable to upgrade need to check that the hashed digest data length must be equal to `PJSIP_MD5STRLEN` before passing to PJSIP.

Опубликовано: 2022-03-11Изменено: 2025-11-04
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2022-24764
HIGH7.5

PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`. Applications that do not use PJSUA2 and do not directly call `pjmedia_sdp_print()` or `pjmedia_sdp_media_print()` should not be affected. A patch is available on the `master` branch of the `pjsip/pjproject` GitHub repository. There are currently no known workarounds.

Опубликовано: 2022-03-22Изменено: 2025-11-04
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2022-24792
HIGH7.5

PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length greater than 31-bit integers. The vulnerability does not affect 64-bit apps and should not affect apps that only plays trusted WAV files. A patch is available on the `master` branch of the `pjsip/project` GitHub repository. As a workaround, apps can reject a WAV file received from an unknown source or validate the file first.

Опубликовано: 2022-04-25Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2022-31031
CRITICAL9.8

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their applications, either by: setting a STUN server in their account/media config in PJSUA/PJSUA2 level, or directly using `pjlib-util/stun_simple` API. A patch is available in commit 450baca which should be included in the next release. There are no known workarounds for this issue.

Опубликовано: 2022-06-09Изменено: 2025-11-04
CVSS 2.0СРЕДНЯЯ 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2023-27585
HIGH7.5

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead.

Опубликовано: 2023-03-14Изменено: 2025-11-04
CVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2023-38703
CRITICAL9.8

PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.

Опубликовано: 2023-10-06Изменено: 2025-04-10
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки