Описание
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop).
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| cosmic | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| devel | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| disco | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| eoan | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| esm-apps/bionic | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| esm-apps/focal | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| esm-apps/jammy | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| esm-apps/noble | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop).
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x ...
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop).
EPSS
5 Medium
CVSS2
7.5 High
CVSS3