CVE-2022-31001 — Out-of-bounds Read in Sofia-sip

CWE-125 — Out-of-bounds Read5 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 56.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freeswitch Sofia-sip Signalwire Sofia-sip Debian Sofia-sip +1 more

Timeline

PublishedMay 31

Latest updateMar 7

Description

Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which will make `n` bigger and trigger out-of-bound access when `IS_NON_WS(s[n])`. Version 1.13.8 contains a patch for this issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

▶CVEListV5freeswitch/sofia-sip< 1.13.8

▶Debianfreeswitch/sofia-sip< 1.12.11+20110422.1-2.1+deb11u1+3

▶Ubuntufreeswitch/sofia-sip< 1.12.11+20110422.1-2.1+deb10u3build0.18.04.1+3

▶debiandebian/sofia-sip< sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-3 (bookworm)

▶NVDsignalwire/sofia-sip< 1.13.8

Also affects: Debian Linux 10.0, 11.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

sofia-sip vulnerabilities↗2023-03-07

▶

OSV

CVE-2022-31001: Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library↗2022-05-31

▶

📋Vendor Advisories

Ubuntu

Sofia-SIP vulnerabilities↗2023-03-07

▶

Debian

CVE-2022-31001: sofia-sip - Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library...↗2022

▶