SB2022060634 - Multiple vulnerabilities in FreeSWITCH Sofia-SIP

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Heap-based buffer overflow (CVE-ID: CVE-2022-31003)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the "sdp_parse" function. A remote attacker can send a specially crafted sdp message, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Out-of-bounds read (CVE-ID: CVE-2022-31002)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition. A remote attacker can send a specially crafted message with a crafted SDP, trigger an out-of-bounds read error and crash the application.

3) Out-of-bounds read (CVE-ID: CVE-2022-31001)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition. A remote attacker can send a specially crafted message with a crafted SDP, trigger an out-of-bounds read error and crash the application.

Remediation

Install update from vendor's website.

References

• https://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b4632a3575908c9
• https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp
• https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba
• https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
• https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
• https://security.gentoo.org/glsa/202210-18
• https://github.com/freeswitch/sofia-sip/commit/a99804b336d0e16d26ab7119d56184d2d7110a36
• https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g