UBUNTU-CVE-2022-24786

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2022-24786

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-24786.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2022-24786

Related

CVE-2022-24786

Published

2022-04-06T14:15:00Z

Modified

2024-10-15T14:09:48Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmediartcpfbparserpsi() will be affected. A patch is available in the master branch of the pjsip/pjproject GitHub repository. There are currently no known workarounds.

References

Affected packages

Ubuntu:Pro:16.04:LTS / pjproject

Package

Name: pjproject
Purl: pkg:deb/ubuntu/pjproject?arch=src?distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1.0.0.ast20130823-1

2.1.0.0.ast20130823-1+deb8u1build0.16.04.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / pjproject

Package

Name: pjproject
Purl: pkg:deb/ubuntu/pjproject?arch=src?distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.6~dfsg-2

2.7~dfsg-1

2.7.1~dfsg-1

2.7.1~dfsg-1build1

2.7.2~dfsg-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / ring

Package

Name: ring
Purl: pkg:deb/ubuntu/ring?arch=src?distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

20170803.*

20170803.2.5fcfe3f~dfsg1-1

20171024.*

20171024.1.eadbdeb~ds1-1

20171129.*

20171129.2.cf5bbff~ds1-1

20171129.2.cf5bbff~ds1-2

20180119.*

20180119.1.9e06f94~ds1-1

20180119.1.9e06f94~ds1-3

20180222.*

20180222.1.7bffde2~ds2-2

20180228.*

20180228.1.503da2b~ds1-1

20180228.1.503da2b~ds1-1build1

20180228.1.503da2b~ds1-1ubuntu0.1~esm1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / ring

Package

Name: ring
Purl: pkg:deb/ubuntu/ring?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

20190215.*

20190215.1.f152c98~ds1-1

20190215.1.f152c98~ds1-1build1

20190215.1.f152c98~ds1-1build2

20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}