Описание
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| asterisk | fixed | 1:18.11.1~dfsg+~cs6.10.40431413-1 | package | |
| asterisk | not-affected | stretch | package | |
| pjproject | removed | package | ||
| ring | fixed | 20230206.0~ds1-1 | package |
Примечания
https://github.com/pjsip/pjproject/security/advisories/GHSA-qcvw-h34v-c7r9
https://github.com/pjsip/pjproject/commit/d979253c924a686fa511d705be1f3ad0c5b20337
EPSS
Связанные уязвимости
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
Уязвимость функции pjsua_playlist_create мультимедийной коммуникационной библиотеки PJSIP, связанная с переполнением буфера в стека, позволяющая нарушителю выполнить произвольный код
Множественные уязвимости мультимедийной коммуникационной библиотеки PJSIP
EPSS