UBUNTU-CVE-2018-14767
- Source
- https://ubuntu.com/security/CVE-2018-14767
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-14767.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2018-14767
- Upstream
- Downstream
- Related
- Published
- 2018-07-31T06:29:00Z
- Modified
- 2025-09-08T16:44:59Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - low
- Summary
- [none]
- Details
-
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "buildresbuffromsip_req" core function. This could result in denial of service and potentially the execution of arbitrary code.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / kamailio
Package
- Name
- kamailio
- Purl
- pkg:deb/ubuntu/kamailio@4.3.4-1.1ubuntu2.1+esm2?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.4-1.1ubuntu2.1+esm2
Affected versions
4.*
4.3.1-2ubuntu1
4.3.4-1.1ubuntu1
4.3.4-1.1ubuntu2
4.3.4-1.1ubuntu2.1
4.3.4-1.1ubuntu2.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "kamailio",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-autheph-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-berkeley-bin",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-berkeley-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-carrierroute-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-cnxcc-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-cpl-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-dnssec-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-erlang-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-extra-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-geoip-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-ims-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-java-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-json-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-kazoo-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-ldap-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-lua-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-memcached-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-mono-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-mysql-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-outbound-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-perl-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-postgres-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-presence-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-purple-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-python-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-radius-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-redis-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-sctp-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-snmpstats-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-sqlite-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-tls-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-unixodbc-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-utils-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-websocket-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-xml-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
},
{
"binary_name": "kamailio-xmpp-modules",
"binary_version": "4.3.4-1.1ubuntu2.1+esm2"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Ubuntu:Pro:18.04:LTS / kamailio
Package
- Name
- kamailio
- Purl
- pkg:deb/ubuntu/kamailio@5.1.2-1ubuntu2+esm2?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.1.2-1ubuntu2+esm2
Affected versions
4.*
4.4.2-3ubuntu5
5.*
5.0.4-1ubuntu1
5.1.1-1ubuntu1
5.1.1-1ubuntu4
5.1.2-1ubuntu1
5.1.2-1ubuntu2
5.1.2-1ubuntu2+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "kamailio",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-autheph-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-berkeley-bin",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-berkeley-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-carrierroute-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-cnxcc-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-cpl-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-erlang-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-extra-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-geoip-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-geoip2-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-ims-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-json-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-kazoo-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-ldap-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-lua-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-memcached-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-mongodb-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-mono-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-mysql-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-outbound-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-perl-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-phonenum-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-postgres-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-presence-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-python-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-rabbitmq-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-radius-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-redis-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-sctp-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-snmpstats-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-sqlite-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-systemd-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-tls-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-unixodbc-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-utils-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-websocket-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-xml-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
},
{
"binary_name": "kamailio-xmpp-modules",
"binary_version": "5.1.2-1ubuntu2+esm2"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}