CVE-2022-23547

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PJSIP (affected versions not specified)

Description The issue is related to a possible buffer overread when parsing a certain STUN message. This affects applications that use STUN, including PJNATH and PJSUA-LIB. The problem is similar to another known issue, GHSA-9pfh-r8x4-w26w.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-122

Related Identifiers

CVE-2022-23547

DLA-3335-1

DLA-3549-1

DLA-3887-1

DSA-5358-1

GHSA-9PFH-R8X4-W26W

GHSA-CXWQ-5G9X-X7FR

USN-6422-1

Affected Products

Linuxmint

Pjnath

Pjsip

Pjsua-Lib

Red Os

Ubuntu

CVE-2022-23547

Weakness Enumeration

Related Identifiers

Affected Products

References · 41