New subject: [Bug 1200118] VUL-0: CVE-2022-31003: sofia-sip: out of bounds write via malformed sdp message

1 Jun 2022


      http://bugzilla.opensuse.org/show_bug.cgi?id=1200118
Bug ID: 1200118
           Summary: VUL-0: CVE-2022-31003: sofia-sip: out of bounds write
                    via malformed sdp message
    Classification: openSUSE
           Product: openSUSE Distribution
           Version: Leap 15.3
          Hardware: Other
               URL: https://smash.suse.de/issue/333270/
                OS: Other
            Status: NEW
          Severity: Minor
          Priority: P5 - None
         Component: Security
          Assignee: os.gnome.maintainers@gmail.com
          Reporter: carlos.lopez@suse.com
        QA Contact: security-team@suse.de
          Found By: Security Response Team
           Blocker: ---
CVE-2022-31003
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent
library. Prior to version 1.13.8, when parsing each line of a sdp message,
`rest
= record + 2` will access the memory behind `\0` and cause an out-of-bounds
write. An attacker can send a message with evil sdp to FreeSWITCH, causing a
crash or more serious consequence, such as remote code execution. Version
1.13.8
contains a patch for this issue.
References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31003
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-p...
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
https://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b463...
-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug 1200118] New: VUL-0: CVE-2022-31003: sofia-sip: out of bounds write via malformed sdp message