Multiple vulnerabilities in FreeSWITCH Sofia-SIP



Published: 2022-06-06 | Updated: 2023-03-08
Risk: High
Patch available: Yes
Number of vulnerabilities: 3
CVE-ID: CVE-2022-31003, CVE-2022-31002, CVE-2022-31001
CWE-ID: CWE-122, CWE-125
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Sofia-SIP (Universal components / Libraries / Libraries used by multiple products)
Vendor: www.freeswitch.org

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Heap-based buffer overflow

EUVDB-ID: #VU64006

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31003

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the "sdp_parse" function. A remote attacker can send a specially crafted SDP message, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Sofia-SIP: 1.13.2 - 1.13.7

External links

http://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b4632a3575908c9
http://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU73152

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31002

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition. A remote attacker can send a specially crafted message with a crafted SDP, trigger an out-of-bounds read error and crash the application.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Sofia-SIP: 1.13.2 - 1.13.7

External links

http://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba
http://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
http://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
http://security.gentoo.org/glsa/202210-18


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU73151

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31001

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition. A remote attacker can send a specially crafted message with a crafted SDP, trigger an out-of-bounds read error and crash the application.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Sofia-SIP: 1.13.2 - 1.13.7

External links

http://github.com/freeswitch/sofia-sip/commit/a99804b336d0e16d26ab7119d56184d2d7110a36
http://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g
http://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
http://security.gentoo.org/glsa/202210-18


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


