CVE-2022-23537 - OpenCVE

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1).

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Teluu	Pjsip

Configuration 1 [-]

cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1
https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w
https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-12-20T18:50:45.398Z

Updated: 2024-08-03T03:43:46.453Z

Reserved: 2022-01-19T21:23:53.794Z

Link: CVE-2022-23537

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-12-20T19:15:24.663

Modified: 2024-01-25T21:02:01.997

Link: CVE-2022-23537

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-23537", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2022-01-19T21:23:53.794Z", "datePublished": "2022-12-20T18:50:45.398Z", "dateUpdated": "2024-08-03T03:43:46.453Z"}, "containers": {"cna": {"title": "PJSIP vulnerable to heap buffer overflow when decoding STUN message", "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "lang": "en", "description": "CWE-122: Heap-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w"}, {"name": "https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1", "tags": ["x_refsource_MISC"], "url": "https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"}], "affected": [{"vendor": "pjsip", "product": "pjproject", "versions": [{"version": "<= 2.13", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2022-12-20T18:50:45.398Z"}, "descriptions": [{"lang": "en", "value": "PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1)."}], "source": {"advisory": "GHSA-9pfh-r8x4-w26w", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:43:46.453Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w"}, {"name": "https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*", "matchCriteriaId": "A196AF4D-F474-4139-B534-17CB457CF2D5", "versionEndExcluding": "2.13.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1)."}, {"lang": "es", "value": "PJSIP es una librer\u00eda de comunicaci\u00f3n multimedia gratuita y de c\u00f3digo abierto escrita en lenguaje C que implementa protocolos basados en est\u00e1ndares como SIP, SDP, RTP, STUN, TURN e ICE. La sobrelectura del b\u00fafer es posible al analizar un mensaje STUN especialmente manipulado con un atributo desconocido. La vulnerabilidad afecta a aplicaciones que utilizan STUN, incluidas PJNATH y PJSUA-LIB. El parche est\u00e1 disponible como commit en la rama master (2.13.1)."}], "id": "CVE-2022-23537", "lastModified": "2024-01-25T21:02:01.997", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-12-20T19:15:24.663", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Secondary"}]}