Debian Asterisk vulnerabilities

204 known vulnerabilities affecting debian/asterisk.

Total CVEs
204
CISA KEV
0
Public exploits
18
Exploited in wild
0
Severity breakdown
CRITICAL: 17
HIGH: 46
MEDIUM: 93
LOW: 46

Vulnerabilities

Page 2 of 11
CVE-2022-24786 | CRITICAL | CVSS 9.8 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[CRITICAL] asterisk - PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A patch is available in the `master` branch of the `pjsip/pjproject` GitHub repository
CVE-2022-21723 | CRITICAL | CVSS 9.1 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[CRITICAL] asterisk - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept S
CVE-2022-39269 | CRITICAL | CVSS 9.1 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye) | 2022
[CRITICAL] asterisk - PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users that use SRTP. The patch is available as commit d2acb9a in the master
CVE-2022-26651 | CRITICAL | CVSS 9.8 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[CRITICAL] asterisk - An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL query or possibly a SQL injection. This is fixed in 16.25.2, 18.11.2, and 19.3.2, and 16.8-cert14. Sco
CVE-2022-31031 | CRITICAL | CVSS 9.8 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye) | 2022
[CRITICAL] asterisk - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their applications, either by: setting a STUN server in their account/media c
CVE-2022-26499 | CRITICAL | CVSS 9.1 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[CRITICAL] asterisk - An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2. Scope: local bullseye: resolved (fixed in 1:16.28.0~dfsg-0+deb11u1) sid: resolved (fixed in 1:18.11.2~dfsg+~cs6.10.40431
CVE-2022-21722 | CRITICAL | CVSS 9.1 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[CRITICAL] asterisk - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects all users that
CVE-2022-37325 | HIGH | CVSS 7.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye) | 2022
[HIGH] asterisk - In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash. Scope: local bullseye: resolved (fixed in 1:16.28.0~dfsg-0+deb11u2) sid: resolved (fixed in 1:20.0.1~dfsg+~cs6.12.40431414-1)
CVE-2022-24792 | HIGH | CVSS 7.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[HIGH] asterisk - PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length greater than 31-bit integers. The vulnerability does not affect 64-bit
CVE-2022-24764 | HIGH | CVSS 7.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[HIGH] asterisk - PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`. Applications that do not use PJSUA2 and do not directly call `pjmedia_sdp_print()` or `pjmedia_sdp_media_print()` s
CVE-2022-24793 | HIGH | CVSS 7.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[HIGH] asterisk - PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to CVE-2023-27585. The difference is that this issue is in parsing the query record
CVE-2022-39244 | HIGH | CVSS 7.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye) | 2022
[HIGH] asterisk - PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affected by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been patched and is available as commit c4d3498 in the master branch and will
CVE-2022-24763 | HIGH | CVSS 7.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[HIGH] asterisk - PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps. Users are advised to update. There are no known workarounds. Scope: local bullseye: resolved (fixed in 1:16.28.0~dfsg-0+deb11u1) sid: re
CVE-2022-23608 | HIGH | CVSS 8.1 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[HIGH] asterisk - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed
CVE-2022-26498 | HIGH | CVSS 7.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye) | 2022
[HIGH] asterisk - An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2. Scope: local bullseye: resolved (fixed in 1:16.28.0~dfsg-0+deb11u1) sid: resolved
CVE-2022-23547 | MEDIUM | CVSS 6.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye) | 2022
[MEDIUM] asterisk - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that use STUN including PJNATH and PJSUA-LIB. Th
CVE-2022-23537 | MEDIUM | CVSS 6.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye) | 2022
[MEDIUM] asterisk - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that use STUN including PJNATH and PJSUA-LIB. The patch is
CVE-2022-42706 | MEDIUM | CVSS 4.9 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye) | 2022
[MEDIUM] asterisk - An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the asterisk configuration directory, aka Directory Traversal. Scope: local bullseye: resolved (fixed in 1:16.28.0~dfsg-0+deb11u2
CVE-2022-42705 | MEDIUM | CVSS 6.5 | fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye) | 2022
[MEDIUM] asterisk - A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription. Scope: local bullseye: resolved (f
CVE-2022-24754 | LOW | CVSS 8.5 | fixed in ring 20230206.0~ds1-1 (bookworm) | 2022
[HIGH] asterisk - PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`). This issue has been patched in the master branch of the PJSIP r