VoIP Mailing List Archives :: View topic - [asterisk-users] AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver

Sponsor: VoiceMeUp - Corporate & Wholesale VoIP Services

VoIP Mailing List Archives
Mailing list archives for the VoIP community

[asterisk-users] AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver

VoIP Mailing List Archives Forum Index -> Asterisk Users

View previous topic :: View next topic

Author

Message

security at asterisk.org
Guest

Posted: Thu Nov 20, 2014 7:19 pm Post subject: [asterisk-users] AST-2014-016: Remote Crash Vulnerability in

Asterisk Project Security Advisory - AST-2014-016 Product Asterisk Summary Remote Crash Vulnerability in PJSIP channel driver Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known No Reported On 17 November 2014 Reported By Joshua Colp Posted On 20 November 2014 Last Updated On November 20, 2014 Advisory Contact Joshua Colp <jcolp AT digium DOT com> CVE Name Pending Description When handling an INVITE with Replaces message the res_pjsip_refer module incorrectly assumes that it will be operating on a channel that has just been created. If the INVITE with Replaces message is sent in-dialog after a session has been established this assumption will be incorrect. The res_pjsip_refer module will then hang up a channel that is actually owned by another thread. When this other thread attempts to use the just hung up channel it will end up using freed channel which will likely cause a crash. Resolution If REFER support is not required the res_pjsip_refer module can be unloaded to limit exposure otherwise the res_pjsip_refer module has been patched so it will not allow an in-dialog INVITE with Replaces message to be processed. Affected Versions Product Release Series Asterisk Open Source 12.x All versions Asterisk Open Source 13.x All versions Corrected In Product Release Asterisk Open Source 12.7.1, 13.0.1 Patches SVN URL Revision http://downloads.asterisk.org/pub/security/AST-2014-016-12.diff Asterisk 12 http://downloads.asterisk.org/pub/security/AST-2014-016-13.diff Asterisk 13 Links https://issues.asterisk.org/jira/browse/ASTERISK-24471 Asterisk Project Security Advisories are posted at http://www.asterisk.org/security This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/AST-2014-016.pdf and http://downloads.digium.com/pub/security/AST-2014-016.html Revision History Date Editor Revisions Made November 20 2014 Joshua Colp Initial Revision Asterisk Project Security Advisory - AST-2014-016 Copyright (c) 2014 Digium, Inc. All Rights Reserved. Permission is hereby granted to distribute and publish this advisory in its original, unaltered form. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users

Display posts from previous:

	VoIP Mailing List Archives Forum Index -> Asterisk Users	All times are GMT - 5 Hours
Page 1 of 1

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum