CVE-2022-23547 – Heap buffer overflow in pjproject when decoding STUN message
https://notcve.org/view.php?id=CVE-2022-23547
PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. A buffer overread is possible when parsing a certain STUN message. The vulnerability affects applications that use STUN, including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch.
• https://github.com/pjsip/pjproject/commit/bc4812d31a67d5e2f973fbfaf950d6118226cf36
• https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w
• https://github.com/pjsip/pjproject/security/advisories/GHSA-cxwq-5g9x-x7fr
• https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
• CWE-122: Heap-based Buffer Overflow
• CWE-125: Out-of-bounds Read
CVE-2022-39244 – Buffer overflow in pjlib scanner and pjmedia
https://notcve.org/view.php?id=CVE-2022-39244
PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13, the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affected by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been patched; the fix is available as commit c4d3498 in the master branch and will be included in releases 2.13 and later. Users are advised to upgrade.
• https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae
• https://github.com/pjsip/pjproject/security/advisories/GHSA-fq45-m3f7-3mhj
• https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html
• https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
• https://security.gentoo.org/glsa/202210-37
• https://www.debian.org/security/2023/dsa-5358
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-39269 – Media transport downgrade from the secure version (SRTP) to non-secure (RTP) in pjsip
https://notcve.org/view.php?id=CVE-2022-39269
PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users that use SRTP. The patch is available as commit d2acb9a in the master branch of the project and will be included in version 2.13. Users are advised to manually patch or to upgrade.
• https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc
• https://github.com/pjsip/pjproject/security/advisories/GHSA-wx5m-cj97-4wwg
• https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html
• https://security.gentoo.org/glsa/202210-37
• https://www.debian.org/security/2023/dsa-5358
• CWE-319: Cleartext Transmission of Sensitive Information
CVE-2022-24786 – Potential out-of-bound read/write in PJSIP
https://notcve.org/view.php?id=CVE-2022-24786
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packets, but any app that directly uses `pjmedia_rtcp_fb_parse_rpsi()` will be affected. A patch is available in the `master` branch of the `pjsip/pjproject` GitHub repository. There are currently no known workarounds.
• https://github.com/pjsip/pjproject/commit/11559e49e65bdf00922ad5ae28913ec6a198d508
• https://github.com/pjsip/pjproject/security/advisories/GHSA-vhxv-phmx-g52q
• https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
• https://security.gentoo.org/glsa/202210-37
• https://www.debian.org/security/2022/dsa-5285
• CWE-125: Out-of-bounds Read
• CWE-787: Out-of-bounds Write
CVE-2022-24793 – Potential heap buffer overflow when parsing DNS packets in PJSIP
https://notcve.org/view.php?id=CVE-2022-24793
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to CVE-2023-27585. The difference is that this issue is in parsing the query record `parse_rr()`, while the issue in CVE-2023-27585 is in `parse_query()`.
• https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
• https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
• https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html
• https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
• https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
• https://security.gentoo.org/glsa/202210-37
• https://www.debian.org/security/2022/dsa-5285
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')