CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
GitHub_MCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
teluupjsip
𝑥
< 2.13
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
asterisk
bullseye
1:16.28.0~dfsg-0+deb11u4
fixed
bullseye (security)
1:16.28.0~dfsg-0+deb11u5
fixed
sid
1:22.1.0~dfsg+~cs6.14.60671435-1
fixed
ring
bullseye
vulnerable
bullseye (security)
20210112.2.b757bac~ds1-1+deb11u1
fixed
bookworm
vulnerable
sid
20231201.0~ds1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
pjproject
kinetic
dne
jammy
dne
focal
dne
bionic
needs-triage
xenial
needs-triage
trusty
ignored
ring
oracular
dne
noble
dne
mantic
Fixed 20230206.0~ds2-1.3ubuntu0.1
released
lunar
Fixed 20230206.0~ds1-5ubuntu0.1
released
impish
ignored
focal
Fixed 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1
released
bionic
Fixed 20180228.1.503da2b~ds1-1ubuntu0.1~esm1
released
xenial
ignored
trusty
ignored
Common Weakness Enumeration
References
https://github.com/pjsip/pjproject/commit/d1c5e4da5bae7f220bc30719888bb389c905c0c5
https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr
https://lists.debian.org/debian-lts-announce/2023/04/msg00020.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
https://www.debian.org/security/2023/dsa-5438
https://www.pjsip.org/pjlib-util/docs/html/group__PJ__DNS__RESOLVER.htm
https://github.com/pjsip/pjproject/commit/d1c5e4da5bae7f220bc30719888bb389c905c0c5
https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr
https://lists.debian.org/debian-lts-announce/2023/04/msg00020.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
https://www.debian.org/security/2023/dsa-5438
https://www.pjsip.org/pjlib-util/docs/html/group__PJ__DNS__RESOLVER.htm