CVE-2022-39244

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.13

Description The issue is related to a buffer overflow vulnerability in the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser. This vulnerability can be exploited by a remote attacker to execute arbitrary code when users connect to untrusted clients.

Recommendations For versions prior to 2.13, upgrade to version 2.13 or later to resolve the issue. As a temporary workaround, consider restricting connections to trusted clients until the upgrade is applied.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

BDU:2022-06661

CVE-2022-39244

DLA-3335-1

DLA-3549-1

DLA-3887-1

DSA-5358-1

GHSA-FQ45-M3F7-3MHJ

USN-6422-1

Affected Products

Linuxmint

Pjsip

Red Os

Ubuntu

CVE-2022-39244

Weakness Enumeration

Related Identifiers

Affected Products

References · 50