CVE-2022-31001

Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by #define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0), which will make n bigger and trigger out-of-bound access when IS_NON_WS(s[n]). Version 1.13.8 contains a patch for this issue.

Published: May 31, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-31001
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
signalwire / sofia-sip	-	1.13.8
debian / debian_linux	10.0	10.0.x
debian / debian_linux	11.0	11.0.x

https://github.com/freeswitch/sofia-sip/commit/a99804b336d0e16d26ab7119d56184d2d7110a36
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g
https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
https://security.gentoo.org/glsa/202210-18
https://www.debian.org/security/2023/dsa-5410

Vulnerability Database

CVE-2022-31001