PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue.
{
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-416"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/23xxx/CVE-2022-23608.json"
}{
"source": "CPE_RANGE",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "16.8.0"
},
{
"introduced": "16.0.0"
},
{
"fixed": "16.24.1"
},
{
"introduced": "18.0.0"
},
{
"fixed": "18.10.1"
},
{
"introduced": "19.0.0"
},
{
"fixed": "19.2.1"
}
],
"cpe": [
"cpe:2.3:a:asterisk:certified_asterisk:*:*:*:*:*:*:*:*",
"cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*"
]
}{
"source": [
"CPE_RANGE",
"REFERENCES"
],
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "2.11.1"
}
],
"cpe": "cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*"
}