Headline
CVE-2022-31001: Merge pull request from GHSA-79jq-hh82-cv9g · freeswitch/sofia-sip@a99804b
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by #define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0), which will make n bigger and trigger out-of-bound access when IS_NON_WS(s[n]). Version 1.13.8 contains a patch for this issue.
Permalink
Browse files
Merge pull request from GHSA-79jq-hh82-cv9g
Fix Out-of-bound read in sip_method_d
- Loading branch information
2 parents 51841eb + e96b4b8 commit a99804b336d0e16d26ab7119d56184d2d7110a36
Showing 1 changed file with 4 additions and 0 deletions.
@@ -454,6 +454,10 @@ sip_method_t sip_method_d(char **ss, char const **return_name)
#undef MATCH
if (strlen(s) < n) {
return sip_method_invalid;
}
if (IS_NON_WS(s[n]))
/* Unknown method */
code = sip_method_unknown;
0 comments on commit a99804b
Please sign in to comment.
Related news
Debian Linux Security Advisory 5410-1 - Multiple security issues were discovered in Sofia-SIP, a SIP User-Agent library, which could result in denial of service.
Ubuntu Security Notice 5932-1 - It was discovered that Sofia-SIP incorrectly handled specially crafted SDP packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Sofia-SIP incorrectly handled specially crafted UDP packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service.