Debian Sofia-Sip vulnerabilities

6 known vulnerabilities affecting debian/sofia-sip.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH4

Vulnerabilities

Page 1 of 1
CVE-2023-22741CRITICALCVSS 9.8fixed in sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-4 (bookworm)2023
CVE-2023-22741 [CRITICAL] CVE-2023-22741: sofia-sip - Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3... Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_parse_attribute(), after we get the attribute's type and length value, the length
debian
CVE-2023-32307HIGHCVSS 7.5fixed in sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-6 (bookworm)2023
CVE-2023-32307 [HIGH] CVE-2023-32307: sofia-sip - Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3... Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of at
debian
CVE-2022-31003CRITICALCVSS 9.1fixed in sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-3 (bookworm)2022
CVE-2022-31003 [CRITICAL] CVE-2022-31003: sofia-sip - Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library... Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code
debian
CVE-2022-47516HIGHCVSS 7.5fixed in sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-5 (bookworm)2022
CVE-2022-47516 [HIGH] CVE-2022-47516: sofia-sip - An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.2... An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that leads to a failure of the libsofia-sip-ua/tport/tport.c self assertion. Scope: local bookworm: resolved (fixed in 1.12.11+20110422.1+1e14eea~dfsg-5) bullseye: resolved (fixed in 1.1
debian
CVE-2022-31002HIGHCVSS 7.5fixed in sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-3 (bookworm)2022
CVE-2022-31002 [HIGH] CVE-2022-31002: sofia-sip - Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library... Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue. Scope: local bookworm: resolved (fixed in 1.12.11+20110422.1+1e14ee
debian
CVE-2022-31001HIGHCVSS 7.5fixed in sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-3 (bookworm)2022
CVE-2022-31001 [HIGH] CVE-2022-31001: sofia-sip - Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library... Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which will make `n` bigger and trigger out-of-bound access when `IS_NON_WS(s[
debian