PT-2022-2181 · Pjsip+1 · Pjsip+1

Ryancaicse

Published

2022-01-04

Updated

2024-11-25

CVE-2021-41141

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions PJSIP versions up to and including 2.11.1

Description The issue is related to synchronization errors when using shared resources in the PJSIP library. When an error or failure occurs in various parts of PJSIP, the function returns without releasing the currently held locks, potentially resulting in a system deadlock and causing a denial of service for users.

Recommendations For versions up to and including 2.11.1, users may need to manually apply the patch, as no release has yet been made that contains the linked fix commit. As a temporary workaround, consider restricting access to shared resources to minimize the risk of exploitation.

Fix

DoS

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

ALT-PU-2024-15954

ALT-PU-2024-16030

BDU:2022-02207

CVE-2021-41141

DLA-2962-1

GHSA-8FMX-HQW7-6GMC

Affected Products

Alt Linux

Pjsip

PT-2022-2181 · Pjsip+1 · Pjsip+1

CVE-2021-41141

Weakness Enumeration

Related Identifiers

Affected Products

References · 15