CVE-2021-21375Uncontrolled Resource Consumption in Pjproject

CWE-400Uncontrolled Resource ConsumptionCWE-754Improper Check for Unusual or Exceptional Conditions7 documents6 sources
Severity
6.5MEDIUMNVD
OSV9.8
EPSS
1.3%
top 20.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Pjsip PjprojectDebian RingTeluu Pjsip+1 more
Timeline
PublishedMar 10
Latest updateMar 24

Description

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP version 2.10 and earlier, after an initial INVITE has been sent, when two 183 responses are received, with the first one causing negotiation failure, a crash will occur. This results in a denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

Ubuntupjsip/pjproject< 2.1.0.0.ast20130823-1+deb8u1ubuntu0.1~esm1+1
NVDteluu/pjsip2.10
CVEListV5pjsip/pjproject2.10
debiandebian/ring< ring 20210112.2.b757bac~ds1-1 (bookworm)

Also affects: Debian Linux 9.0

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

2
OSV
pjproject vulnerabilities2026-03-24
OSV
CVE-2021-21375: PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, ST2021-03-10

📋Vendor Advisories

2
Ubuntu
PJSIP vulnerabilities2026-03-24
Debian
CVE-2021-21375: ring - PJSIP is a free and open source multimedia communication library written in C la...2021
CVE-2021-21375 — Uncontrolled Resource Consumption | cvebase