CVE-2023-32307 — Heap-based Buffer Overflow in Sofia-sip

CWE-122 — Heap-based Buffer Overflow CWE-190 — Integer Overflow or Wraparound CWE-787 — Out-of-bounds Write4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 41.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freeswitch Sofia-sip Signalwire Sofia-sip Debian Sofia-sip +1 more

Timeline

PublishedMay 26

Latest updateOct 24

Description

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. The previous patch of [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/s…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5freeswitch/sofia-sip< 1.13.15

▶Debianfreeswitch/sofia-sip< 1.12.11+20110422.1-2.1+deb11u2+3

▶debiandebian/sofia-sip< sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-6 (bookworm)

▶NVDsignalwire/sofia-sip< 1.13.15

Also affects: Debian Linux 10.0

🔴Vulnerability Details

OSV

CVE-2023-32307: Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification↗2023-05-26

▶

📋Vendor Advisories

Ubuntu

Sofia-SIP vulnerability↗2023-10-24

▶

Debian

CVE-2023-32307: sofia-sip - Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3...↗2023

▶