FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- multiple vulnerabilities

Affected packages
asterisk16 < 16.24.1
asterisk18 < 18.10.1

Details

VuXML ID 964c5460-9c66-11ec-ad3a-001999f8d30b
Discovery 2022-03-03
Entry 2022-03-05

The Asterisk project reports:

AST-2022-004 - The header length on incoming STUN messages that contain an ERROR-CODE attribute is not properly checked. This can result in an integer underflow. Note, this requires ICE or WebRTC support to be in use with a malicious remote party.

AST-2022-005 - When acting as a UAC, and when placing an outgoing call to a target that then forks, Asterisk may experience undefined behavior (crashes, hangs, etc.) after a dialog set is prematurely freed.

AST-2022-006 - If an incoming SIP message contains a malformed multi-part body, an out-of-bounds read access may occur, which can result in undefined behavior. Note, it's currently uncertain if there is any externally exploitable vector within Asterisk for this issue, but providing this as a security issue out of caution.
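The AST-2022-004 item describes a length check missing from STUN ERROR-CODE attribute parsing. The following is an added illustration written for this entry; it is not code from Asterisk, pjproject or the FreeBSD ports tree and does not reproduce the affected function. It parses a single ERROR-CODE attribute (RFC 5389, section 15.6: a 4-byte TLV header, a 4-byte fixed value with a 3-bit class and an 8-bit number, then a variable-length reason phrase) and shows why the declared attribute length must be validated against both the fixed 4-byte prefix and the remaining buffer before the reason-phrase length is derived from it. The sample attributes are constructed, not captured traffic; `naive_reason_len` exists only to show the wraparound that an unchecked subtraction produces.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* STUN attribute type for ERROR-CODE (RFC 5389, section 15.6). */
#define STUN_ATTR_ERROR_CODE 0x0009
/* Every ERROR-CODE value starts with 4 fixed bytes before the reason phrase. */
#define STUN_ERROR_FIXED_LEN 4

struct stun_error {
    unsigned cls;           /* hundreds digit of the error code (3 bits) */
    unsigned number;        /* error code modulo 100 (0..99) */
    size_t reason_len;      /* length of the UTF-8 reason phrase */
    const uint8_t *reason;  /* points into the caller's buffer */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* The unsafe arithmetic: subtracting the fixed prefix from the declared
 * attribute length without first checking that the length is at least 4.
 * A declared length of 2 wraps to SIZE_MAX - 1 instead of failing. */
size_t naive_reason_len(uint16_t alen) { return (size_t)alen - STUN_ERROR_FIXED_LEN; }

/* Hardened parser for one ERROR-CODE attribute located at buf[0..len).
 * Returns 0 on success and -1 for any malformed input. */
int parse_error_code_attr(const uint8_t *buf, size_t len, struct stun_error *out) {
    if (len < 4) return -1;                         /* need the full TLV header */
    uint16_t type = rd16(buf);
    uint16_t alen = rd16(buf + 2);
    if (type != STUN_ATTR_ERROR_CODE) return -1;
    if (alen < STUN_ERROR_FIXED_LEN) return -1;     /* the check whose absence underflows */
    if ((size_t)alen > len - 4) return -1;          /* value must fit inside the buffer */
    const uint8_t *v = buf + 4;
    out->cls = v[2] & 0x07;
    out->number = v[3];
    if (out->number > 99) return -1;                /* RFC 5389 restricts number to 0..99 */
    out->reason_len = alen - STUN_ERROR_FIXED_LEN;  /* safe: alen >= 4 was verified */
    out->reason = v + STUN_ERROR_FIXED_LEN;
    return 0;
}

/* Constructed sample attributes (assumed inputs, not real captures). */
/* Well-formed: length 10 = 4 fixed bytes + "Unauth", class 4, number 1 (401). */
const uint8_t SAMPLE_OK[]      = { 0x00,0x09, 0x00,0x0A, 0x00,0x00,0x04,0x01,
                                   'U','n','a','u','t','h' };
/* Declared length 2: shorter than the fixed prefix, would underflow unchecked. */
const uint8_t SAMPLE_SHORT[]   = { 0x00,0x09, 0x00,0x02, 0x00,0x00 };
/* Declared length 32 but only 6 value bytes present: would read past the buffer. */
const uint8_t SAMPLE_OVERRUN[] = { 0x00,0x09, 0x00,0x20, 0x00,0x00,0x04,0x04, 'N','o' };

/* Convenience wrapper: returns cls*100+number for a valid attribute, else -1. */
int sample_error_code(const uint8_t *buf, size_t len) {
    struct stun_error e;
    if (parse_error_code_attr(buf, len, &e) != 0) return -1;
    return (int)(e.cls * 100 + e.number);
}

int main(void) {
    printf("naive length for declared 2: %zu\n", naive_reason_len(2));
    printf("SAMPLE_OK      -> %d\n", sample_error_code(SAMPLE_OK, sizeof SAMPLE_OK));
    printf("SAMPLE_SHORT   -> %d\n", sample_error_code(SAMPLE_SHORT, sizeof SAMPLE_SHORT));
    printf("SAMPLE_OVERRUN -> %d\n", sample_error_code(SAMPLE_OVERRUN, sizeof SAMPLE_OVERRUN));
    return 0;
}
```

The two guards in `parse_error_code_attr` are the point: the first rejects a declared length below the fixed prefix so the subtraction cannot wrap, and the second rejects a declared length that exceeds what the caller actually received so the reason phrase never extends past the buffer. Either check alone leaves one of the two malformed samples accepted.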

References

CVE Name CVE-2021-37706
CVE Name CVE-2022-21723
CVE Name CVE-2022-23608
URL https://downloads.asterisk.org/pub/security/AST-2022-004.html
URL https://downloads.asterisk.org/pub/security/AST-2022-005.html
URL https://downloads.asterisk.org/pub/security/AST-2022-006.html