MGASA-2022-0343

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0343.html

Import Source

https://advisories.mageia.org/MGASA-2022-0343.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0343

Related

CVE-2022-31001
CVE-2022-31002
CVE-2022-31003

Published

2022-09-21T18:15:27Z

Modified

2022-09-21T17:18:09Z

Summary

Updated sofia-sip packages fix security vulnerability

Details

An attacker can send a message with evil sdp to FreeSWITCH, which may a cause a crash due to an out-of-bounds access. (CVE-2022-31001) An attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. (CVE-2022-31002) An out-of-bounds write. (CVE-2022-31003)

References

https://advisories.mageia.org/MGASA-2022-0343.html
https://bugs.mageia.org/show_bug.cgi?id=30806
https://www.debian.org/lts/security/2022/dla-3091
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2022-0343

Affected packages