Resource exhaustion in freeswitch - CVE-2021-41145
Published: October 25, 2021 / Updated: May 15, 2026
freeswitch
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to uncontrolled resource consumption in the SIP message handling functionality when processing flooded SIP messages. A remote attacker can send a flood of SIP messages to cause a denial of service.
The issue can be triggered without authentication over UDP, TCP, or TLS, and may result in the process being killed by the operating system due to memory exhaustion.