Showing 1 - 3 of 3

CVE-2022-21723

Status Candidate

Overview

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds.

Related Files

Debian Security Advisory 5285-1: Posted Nov 18, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5285-1 - Multiple security vulnerabilities have been found in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for information disclosure or the execution of arbitrary code.; tags | advisory, overflow, arbitrary, vulnerability, info disclosure; systems | linux, debian; advisories | CVE-2021-37706, CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845, CVE-2021-46837, CVE-2022-21722, CVE-2022-21723, CVE-2022-23608, CVE-2022-24763, CVE-2022-24764; SHA-256 | 5954aa3a6292b16c124f88a5565b25ffb1de65f24ab2438dbac72d360d3842cd; Download | Favorite | View

Gentoo Linux Security Advisory 202210-37: Posted Nov 1, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202210-37 - Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. Versions less than 2.12.1 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2021-32686, CVE-2021-37706, CVE-2021-41141, CVE-2021-43804, CVE-2021-43845, CVE-2022-21722, CVE-2022-21723, CVE-2022-23608, CVE-2022-24754, CVE-2022-24763, CVE-2022-24764, CVE-2022-24786, CVE-2022-24792, CVE-2022-24793; SHA-256 | 0283ae0c45529cc645d6e34ea884fdbdff80a46da788bbb3271840ecfe2a7e46; Download | Favorite | View

Asterisk Project Security Advisory - AST-2022-006: Posted Mar 7, 2022; Authored by Kevin Harwell, Sauw Ming | Site asterisk.org; If an incoming SIP message contains a malformed multi-part body an out-of-bounds read access may occur, which can result in undefined behavior. Note, it is currently uncertain if there is any externally exploitable vector within Asterisk for this issue, but they are providing this as a security issue out of caution.; tags | advisory; advisories | CVE-2022-21723; SHA-256 | 97b8999a7c776bc25667d248af8128d9089bb735a74f21b5e8602a90fb5d57dc; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 261 files
indoushka 164 files
Ubuntu 101 files
Gentoo 32 files
Debian 22 files
LiquidWorm 14 files
Apple 11 files
malvuln 8 files
Google Security Research 7 files
Rubén López Herrera 5 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,140)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,531)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,026)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,914)
UNIX (9,469)
UnixWare (188)
Windows (6,784)
Other

CVE-2022-21723

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems