CVE-2023-37457
Published 2023-12-14
Priority: P3 · Severity: high · CVSS 3.1 base score: 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)
EPSS: 1.13% (62.2nd percentile)
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0, as well as certified-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the new value of a header. Doing so can overwrite memory or cause a crash. This is not externally exploitable unless the dialplan is explicitly written to update a header based on data from an outside source. If the 'update' functionality is not used, the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa.
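The advisory's reachability condition is a dialplan that feeds outside data into PJSIP_HEADER's 'update' action. The following added audit script (not from the advisory or the Asterisk project) scans an extensions.conf body for PJSIP_HEADER(update,...) assignments and separates fixed literals from values that are expanded at call time, which are the statements an operator should review or patch first; the dialplan fragment it scans is a constructed sample.

```python
import re
from dataclasses import dataclass

# Matches a dialplan Set() that writes a header through PJSIP_HEADER's 'update'
# action, e.g. Set(PJSIP_HEADER(update,X-Foo)=value). The header-name group stops
# at the first ',' or ')' so an optional occurrence number (update,X-Foo,2) is tolerated.
SET_UPDATE = re.compile(
    r"Set\(\s*PJSIP_HEADER\(\s*update\s*,\s*(?P<header>[^),]+)[^)]*\)\s*=\s*(?P<value>.*)\)\s*$",
    re.IGNORECASE,
)
# A ${...} variable/function or $[...] expression means the written value is not a
# fixed literal: its length may be chosen by something outside the dialplan, such as
# a header copied from the inbound request, which is the precondition in the advisory.
EXPANSION = re.compile(r"\$[{\[]")

@dataclass
class Finding:
    lineno: int
    header: str
    value: str
    dynamic: bool  # True when the value is expanded at call time

def audit_dialplan(text: str):
    """Return every PJSIP_HEADER(update,...) assignment found in an extensions.conf body."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        # Drop trailing ';' comments (simplified: does not honour escaped '\;').
        line = raw.split(";", 1)[0].strip()
        m = SET_UPDATE.search(line)
        if not m:
            continue
        value = m.group("value").strip()
        findings.append(Finding(lineno, m.group("header").strip(), value, bool(EXPANSION.search(value))))
    return findings

def risky_updates(text: str):
    """Only the updates whose value is expanded at runtime; these are the ones to review."""
    return [f for f in audit_dialplan(text) if f.dynamic]

# Constructed sample extensions.conf fragment (not taken from the advisory).
SAMPLE_DIALPLAN = """\
[from-trunk]
exten => _X.,1,NoOp(Inbound call)
 same => n,Set(PJSIP_HEADER(update,X-Route)=static-value)                   ; fixed literal
 same => n,Set(PJSIP_HEADER(update,X-Orig-From)=${PJSIP_HEADER(read,From)}) ; length chosen by remote side
 same => n,Set(PJSIP_HEADER(add,X-Tag)=${CALLERID(num)})                    ; 'add', not 'update'
 same => n,Dial(PJSIP/${EXTEN}@upstream)
"""
```

Run `risky_updates()` over each dialplan file; on the sample it reports only line 4, where the new header value is copied from a header supplied by the remote party.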
Affected (11 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| asterisk | asterisk | <= 18.20.0 | — |
| asterisk | asterisk | — | — |
| asterisk | asterisk | — | — |
| asterisk | asterisk | >= 0 < 1:16.28.0~dfsg-0+deb11u4 | 1:16.28.0~dfsg-0+deb11u4 |
| debian | asterisk | < asterisk 1:16.28.0~dfsg-0+deb11u4 (bullseye) | asterisk 1:16.28.0~dfsg-0+deb11u4 (bullseye) |
| digium | asterisk | <= 18.20.0 | — |
| digium | asterisk | — | — |
| digium | asterisk | 19.0.0 – 20.5.0 | — |
| sangoma | certified_asterisk | — | — |
| sangoma | certified_asterisk | — | — |
| sangoma | certified_asterisk | — | — |
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H |
| osv | 8.2 | HIGH | — |
| vendor_debian | 7.5 | HIGH | — |
OSV
CVE-2023-37457 [HIGH]: Asterisk is an open source private branch exchange and telephony toolkit
osv · 2023-12-14 · CVSS 8.2
Debian
CVE-2023-37457 [HIGH]: asterisk - Asterisk is an open source private branch exchange and telephony toolkit. In Ast...
vendor_debian · 2023 · CVSS 7.5
Scope: local
bullseye: resolved (fixed in 1:16.28.0~dfsg-0+deb11u4)
sid: resolved (fixed in 1:20.8.1~dfsg+~cs6.14.40431414-1)
No detection rules found.
No public exploits indexed.
Bugzilla
TRIAGE CVE-2023-37457 asterisk: potential buffer overflow in PJSIP_HEADER dialplan function [fedora-all] [HIGH]
bugzilla · 2023-12-14 · CVSS 7.5
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2254625
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
Use the following template for the 'fedpkg update' request to submit an update for this issue, as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable.
# bugfix, security, enhancement, newpackage (required)
type=
Bugzilla
TRIAGE CVE-2023-37457 asterisk: potential buffer overflow in PJSIP_HEADER dialplan function [epel-all] [HIGH]
bugzilla · 2023-12-14 · CVSS 7.5
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2254625
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
Use the following template for the 'fedpkg update' request to submit an update for this issue, as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable.
# bugfix, security, enhancement, newpackage (required)
type=se
References
- https://github.com/asterisk/asterisk/commit/a1ca0268254374b515fa5992f01340f7717113fa
- https://github.com/asterisk/asterisk/security/advisories/GHSA-98rc-4j27-74hh
- https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html