Description
In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-3335-1 | asterisk security update |
Debian DSA |
DSA-5358-1 | asterisk security update |
EUVD |
EUVD-2022-39960 | In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash. |
References
History
Thu, 24 Apr 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-02T19:30:46.043Z
Reserved: 2022-08-01T00:00:00.000Z
Link: CVE-2022-37325
Updated: 2026-07-02T19:30:46.043Z
Status : Modified
Published: 2022-12-05T21:15:10.073
Modified: 2026-06-17T04:54:52.853
Link: CVE-2022-37325
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-787
Out-of-bounds Write
Debian DLA
Debian DSA
EUVD