Janhoffmann

**Name of the Vulnerable Software and Affected Versions** Digium Asterisk versions 15.x through 15.6.1 Digium Asterisk versions 16.x through 16.0.0 **Description** A buffer overflow issue exists in the DNS SRV and NAPTR lookups. This allows remote attackers to crash the system via a specially crafted DNS SRV or NAPTR response. The issue arises because a buffer size is supposed to match an expanded length but actually matches a compressed length. **Recommendations** For Digium Asterisk versions 15.x through 15.6.1, update to version 15.6.2 or later. For Digium Asterisk versions 16.x through 16.0.0, update to version 16.0.1 or later.