Debian Linux Security Advisory 5285-1 - Multiple security vulnerabilities have been found in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for information disclosure or the execution of arbitrary code.
5954aa3a6292b16c124f88a5565b25ffb1de65f24ab2438dbac72d360d3842cd
Gentoo Linux Security Advisory 202210-37 - Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. Versions less than 2.12.1 are affected.
0283ae0c45529cc645d6e34ea884fdbdff80a46da788bbb3271840ecfe2a7e46
If an incoming SIP message contains a malformed multi-part body an out-of-bounds read access may occur, which can result in undefined behavior. Note, it is currently uncertain if there is any externally exploitable vector within Asterisk for this issue, but they are providing this as a security issue out of caution.
97b8999a7c776bc25667d248af8128d9089bb735a74f21b5e8602a90fb5d57dc