Asterisk Project Security Advisory - An attacker attempting to negotiate T.38 over SIP can remotely crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain either a negative or exceptionally large value. The same crash occurs when the FaxMaxDatagram field is omitted from the SDP as well.
e389de5a471316312db8c85329ef64fc51d31e57f6900226fbee9f94d1d8b6de
Asterisk Project Security Advisory - An attacker sending a valid RTP comfort noise payload containing a data length of 24 bytes or greater can remotely crash Asterisk.
36b56a28380039e2532e434853000794f007a636a0fa262cd6df0be8b4ee65e2