CVE-2022-23608

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
GitHub_MCNA
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
VendorProductVersion
teluupjsip
𝑥
≤ 2.11.1
asteriskcertified_asterisk
𝑥
< 16.8.0
asteriskcertified_asterisk
16.8.0:cert1
asteriskcertified_asterisk
16.8.0:cert10
asteriskcertified_asterisk
16.8.0:cert11
asteriskcertified_asterisk
16.8.0:cert12
asteriskcertified_asterisk
16.8.0:cert2
asteriskcertified_asterisk
16.8.0:cert3
asteriskcertified_asterisk
16.8.0:cert4
asteriskcertified_asterisk
16.8.0:cert5
asteriskcertified_asterisk
16.8.0:cert6
asteriskcertified_asterisk
16.8.0:cert7
asteriskcertified_asterisk
16.8.0:cert8
asteriskcertified_asterisk
16.8.0:cert9
sangomaasterisk
16.0.0 ≤
𝑥
< 16.24.1
sangomaasterisk
18.0.0 ≤
𝑥
< 18.10.1
sangomaasterisk
19.0.0 ≤
𝑥
< 19.2.1
debiandebian_linux
9.0
debiandebian_linux
10.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
asterisk
bullseye
1:16.28.0~dfsg-0+deb11u4
fixed
stretch
not-affected
bullseye (security)
1:16.28.0~dfsg-0+deb11u5
fixed
sid
1:22.0.0~dfsg+~cs6.14.60671435-1
fixed
ring
bullseye
vulnerable
stretch
not-affected
bullseye (security)
20210112.2.b757bac~ds1-1+deb11u1
fixed
bookworm
20230206.0~ds2-1.1
fixed
sid
20231201.0~ds1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
asterisk
noble
needs-triage
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
needs-triage
impish
ignored
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
ignored
pjproject
bionic
needs-triage
xenial
needs-triage
trusty
ignored
ring
noble
dne
mantic
not-affected
lunar
not-affected
impish
ignored
focal
Fixed 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1
released
bionic
Fixed 20180228.1.503da2b~ds1-1ubuntu0.1~esm1
released
xenial
ignored
trusty
ignored
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/166226/Asterisk-Project-Security-Advisory-AST-2022-005.html
http://seclists.org/fulldisclosure/2022/Mar/1
https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f
https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62
https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00040.html
https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
https://security.gentoo.org/glsa/202210-37
https://www.debian.org/security/2022/dsa-5285
http://packetstormsecurity.com/files/166226/Asterisk-Project-Security-Advisory-AST-2022-005.html
http://seclists.org/fulldisclosure/2022/Mar/1
https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f
https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62
https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00040.html
https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
https://security.gentoo.org/glsa/202210-37
https://www.debian.org/security/2022/dsa-5285