Описание
res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 1:16.10.0~dfsg-1 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | not-affected | 1:16.10.0~dfsg-1 |
| esm-apps/noble | not-affected | 1:16.10.0~dfsg-1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE |
Показывать по
Ссылки на источники
EPSS
4 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.
res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 1 ...
res_pjsip_t38 in Sangoma Asterisk 13.21-cert4, 15.7.3, and 16.5.0 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk.
EPSS
4 Medium
CVSS2
6.5 Medium
CVSS3