Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-37706

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.

Published

2021-12-22T18:15:07.487

Last Modified

2024-11-21T06:15:45.227

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.3 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-191
Type: Primary
CWE-191

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	teluu	pjsip	≤ 2.11.1	Yes
Application	asterisk	certified_asterisk	< 16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	asterisk	certified_asterisk	16.8.0	Yes
Application	sangoma	asterisk	< 16.24.1	Yes
Application	sangoma	asterisk	< 18.10.1	Yes
Application	sangoma	asterisk	< 19.2.1	Yes
Operating System	debian	debian_linux	9.0	Yes
Operating System	debian	debian_linux	10.0	Yes

References

http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html Third Party Advisory, VDB Entry ([email protected])
http://seclists.org/fulldisclosure/2022/Mar/0 Mailing List, Patch, Third Party Advisory ([email protected])
https://github.com/pjsip/pjproject/commit/15663e3f37091069b8c98a7fce680dc04bc8e865 Patch, Third Party Advisory ([email protected])
https://github.com/pjsip/pjproject/security/advisories/GHSA-2qpg-f6wf-w984 Patch, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html Mailing List, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html Mailing List, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html ([email protected])
https://security.gentoo.org/glsa/202210-37 Third Party Advisory ([email protected])
https://www.debian.org/security/2022/dsa-5285 Third Party Advisory ([email protected])
http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2022/Mar/0 Mailing List, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/pjsip/pjproject/commit/15663e3f37091069b8c98a7fce680dc04bc8e865 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/pjsip/pjproject/security/advisories/GHSA-2qpg-f6wf-w984 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202210-37 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2022/dsa-5285 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)