Описание
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects all users that use PJMEDIA and accept incoming RTP/RTCP. A patch is available as a commit in the master branch. There are no known workarounds.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | released | 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 |
| focal | released | 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 |
| impish | ignored | end of life |
| lunar | not-affected | 20230206.0~ds1-5 |
| mantic | not-affected | 20230206.0~ds2-1.3 |
| noble | DNE | |
| oracular | DNE |
Показывать по
6.4 Medium
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects all users that use PJMEDIA and accept incoming RTP/RTCP. A patch is available as a commit in the `master` branch. There are no known workarounds.
PJSIP is a free and open source multimedia communication library writt ...
Уязвимость мультимедийной коммуникационной библиотеки PJSIP, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
6.4 Medium
CVSS2
9.1 Critical
CVSS3