CVE-2021-41145

Name of the Vulnerable Software and Affected Versions FreeSWITCH versions prior to 1.10.7

Description The issue concerns a Denial of Service vulnerability via SIP flooding. When FreeSWITCH is flooded with SIP messages, it can lead to memory exhaustion, causing the process to be killed by the operating system. This can be exploited to crash any FreeSWITCH instance, resulting in a Denial of Service. The attack does not require authentication and can be carried out over UDP, TCP, or TLS.

Recommendations For versions prior to 1.10.7, update to version 1.10.7 or later to resolve the issue. As a temporary workaround, consider implementing rate limiting on SIP messages to minimize the risk of exploitation. Restrict access to the SIP interface to trusted sources only. Avoid using the SIP protocol over unsecured connections to reduce the attack surface.