The-Storm

Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.11.1 and prior Description: The issue affects PJSIP, a free and open source multimedia communication library. In the affected versions, if an incoming RTCP XR message contains a block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read access. This affects all users that use PJMEDIA and RTCP XR. A malicious actor can send a RTCP XR message with an invalid packet size. Recommendations: For PJSIP versions 2.11.1 and prior, consider updating to a version that includes a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PJSIP versions prior to the fixed version **Description** The issue is related to a buffer overflow in the PJSIP library when handling the length of RTCP BYE messages. This can be exploited by a remote attacker to execute arbitrary code. The problem occurs when the incoming RTCP BYE message contains a reason's length that is not checked against the actual received packet size, potentially resulting in an out-of-bound read access. This affects all users of PJMEDIA and RTCP. A malicious actor can send a RTCP BYE message with an invalid reason length. **Recommendations** For PJSIP versions prior to the fixed version, upgrade to the latest version as soon as possible to resolve the issue. As a temporary workaround, consider restricting the handling of RTCP BYE messages with invalid reason lengths until a patch is available.