CVE-2022-31003 — Heap-based Buffer Overflow in Sofia-sip

CWE-122 — Heap-based Buffer Overflow CWE-787 — Out-of-bounds Write5 documents4 sources

Severity

9.8CRITICALNVD

OSV7.5

EPSS

9.1%

top 7.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freeswitch Sofia-sip Signalwire Sofia-sip Debian Sofia-sip +1 more

Timeline

PublishedMay 31

Latest updateMar 7

Description

Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages5 packages

▶CVEListV5freeswitch/sofia-sip< 1.13.8

▶Debianfreeswitch/sofia-sip< 1.12.11+20110422.1-2.1+deb11u1+3

▶Ubuntufreeswitch/sofia-sip< 1.12.11+20110422.1-2.1+deb10u3build0.18.04.1+3

▶debiandebian/sofia-sip< sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-3 (bookworm)

▶NVDsignalwire/sofia-sip< 1.13.8

Also affects: Debian Linux 10.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

sofia-sip vulnerabilities↗2023-03-07

▶

OSV

CVE-2022-31003: Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library↗2022-05-31

▶

📋Vendor Advisories

Ubuntu

Sofia-SIP vulnerabilities↗2023-03-07

▶

Debian

CVE-2022-31003: sofia-sip - Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library...↗2022

▶