UBUNTU-CVE-2022-39244
- Source
- https://ubuntu.com/security/CVE-2022-39244
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-39244.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2022-39244
- Upstream
- Downstream
- Related
- Published
- 2022-10-06T18:16:00Z
- Modified
- 2025-10-24T04:53:49Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been patched and is available as commit c4d3498 in the master branch and will be included in releases 2.13 and later. Users are advised to upgrade. There are no known workarounds for this issue.
- References
Affected packages
Ubuntu:16.04:LTS
pjproject
Package
- Name
- pjproject
- Purl
- pkg:deb/ubuntu/pjproject@2.1.0.0.ast20130823-1+deb8u1build0.16.04.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "libpj2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjlib-util2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjmedia-audiodev2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjmedia-codec2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjmedia-videodev2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjmedia2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjnath2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjproject-dev",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjsip-simple2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjsip-ua2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjsip2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
},
{
"binary_name": "libpjsua2",
"binary_version": "2.1.0.0.ast20130823-1+deb8u1build0.16.04.1"
}
]
}Ubuntu:18.04:LTS
asterisk
Package
- Name
- asterisk
- Purl
- pkg:deb/ubuntu/asterisk@1:13.18.3~dfsg-1ubuntu4?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:13.*
1:13.17.2~dfsg-1ubuntu1
1:13.17.2~dfsg-2ubuntu1
1:13.18.1~dfsg-1ubuntu1
1:13.18.3~dfsg-1ubuntu1
1:13.18.3~dfsg-1ubuntu2
1:13.18.3~dfsg-1ubuntu3
1:13.18.3~dfsg-1ubuntu4
Ecosystem specific
{
"binaries": [
{
"binary_name": "asterisk",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-config",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-dahdi",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-dev",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-mobile",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-modules",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-mp3",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-mysql",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-ooh323",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-tests",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-voicemail",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-voicemail-imapstorage",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-voicemail-odbcstorage",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
},
{
"binary_name": "asterisk-vpb",
"binary_version": "1:13.18.3~dfsg-1ubuntu4"
}
]
}pjproject
Package
- Name
- pjproject
- Purl
- pkg:deb/ubuntu/pjproject@2.7.2~dfsg-1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "libpj2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjlib-util2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjmedia-audiodev2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjmedia-codec2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjmedia-videodev2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjmedia2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjnath2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjproject-dev",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjsip-simple2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjsip-ua2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjsip2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjsua2",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "libpjsua2-2v5",
"binary_version": "2.7.2~dfsg-1"
},
{
"binary_name": "python-pjproject",
"binary_version": "2.7.2~dfsg-1"
}
]
}Ubuntu:20.04:LTS
ring
Package
- Name
- ring
- Purl
- pkg:deb/ubuntu/ring@20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1
Affected versions
20190215.*
20190215.1.f152c98~ds1-1
20190215.1.f152c98~ds1-1build1
20190215.1.f152c98~ds1-1build2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "jami",
"binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1"
},
{
"binary_name": "jami-daemon",
"binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1"
},
{
"binary_name": "ring",
"binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1"
},
{
"binary_name": "ring-daemon",
"binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1"
}
]
}asterisk
Package
- Name
- asterisk
- Purl
- pkg:deb/ubuntu/asterisk@1:16.2.1~dfsg-2ubuntu1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "asterisk",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-config",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-dahdi",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-dev",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-mobile",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-modules",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-mp3",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-mysql",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-ooh323",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-tests",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-voicemail",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-voicemail-imapstorage",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-voicemail-odbcstorage",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
},
{
"binary_name": "asterisk-vpb",
"binary_version": "1:16.2.1~dfsg-2ubuntu1"
}
]
}Ubuntu:22.04:LTS
asterisk
Package
- Name
- asterisk
- Purl
- pkg:deb/ubuntu/asterisk@1:18.10.0~dfsg+~cs6.10.40431411-2?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:16.*
1:16.16.1~dfsg-2
1:16.16.1~dfsg-4
1:16.16.1~dfsg-4build1
1:16.16.1~dfsg+~2.10-1
1:18.*
1:18.10.0~dfsg+~cs6.10.40431411-2
Ecosystem specific
{
"binaries": [
{
"binary_name": "asterisk",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-config",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-dahdi",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-dev",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-mobile",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-modules",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-mp3",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-mysql",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-ooh323",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-tests",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
},
{
"binary_name": "asterisk-vpb",
"binary_version": "1:18.10.0~dfsg+~cs6.10.40431411-2"
}
]
}Ubuntu:24.04:LTS
asterisk
Package
- Name
- asterisk
- Purl
- pkg:deb/ubuntu/asterisk@1:20.6.0~dfsg+~cs6.13.40431414-2build5?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:20.*
1:20.4.0~dfsg+~cs6.13.40431414-2
1:20.5.0~dfsg+~cs6.13.40431414-1
1:20.5.1~dfsg+~cs6.13.40431414-1
1:20.5.2~dfsg+~cs6.13.40431414-1
1:20.6.0~dfsg+~cs6.13.40431414-1
1:20.6.0~dfsg+~cs6.13.40431414-2
1:20.6.0~dfsg+~cs6.13.40431414-2build3
1:20.6.0~dfsg+~cs6.13.40431414-2build4
1:20.6.0~dfsg+~cs6.13.40431414-2build5
Ecosystem specific
{
"binaries": [
{
"binary_name": "asterisk",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-config",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-dahdi",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-dev",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-mobile",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-modules",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-mp3",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-mysql",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-ooh323",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
},
{
"binary_name": "asterisk-tests",
"binary_version": "1:20.6.0~dfsg+~cs6.13.40431414-2build5"
}
]
}Ubuntu:25.04
asterisk
Package
- Name
- asterisk
- Purl
- pkg:deb/ubuntu/asterisk@1:22.2.0~dfsg+~cs6.15.60671435-2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:20.*
1:20.8.1~dfsg+~cs6.14.40431414-1
1:22.*
1:22.0.0~dfsg+~cs6.14.60671435-1
1:22.1.0~dfsg+~cs6.14.60671435-1
1:22.1.1~dfsg+~cs6.14.60671435-1
1:22.2.0~dfsg+~cs6.15.60671435-1
1:22.2.0~dfsg+~cs6.15.60671435-2
Ecosystem specific
{
"binaries": [
{
"binary_name": "asterisk",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-config",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-dahdi",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-dev",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-mobile",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-modules",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-mp3",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-mysql",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-ooh323",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
},
{
"binary_name": "asterisk-tests",
"binary_version": "1:22.2.0~dfsg+~cs6.15.60671435-2"
}
]
}Ubuntu:25.10
asterisk
Package
- Name
- asterisk
- Purl
- pkg:deb/ubuntu/asterisk@1:22.5.2~dfsg+~cs6.15.60671435-1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:22.*
1:22.2.0~dfsg+~cs6.15.60671435-2
1:22.3.0~dfsg+~cs6.15.60671435-1
1:22.4.1~dfsg+~cs6.15.60671435-1
1:22.4.1~dfsg+~cs6.15.60671435-2
1:22.5.1~dfsg+~cs6.15.60671435-1
1:22.5.2~dfsg+~cs6.15.60671435-1
Ecosystem specific
{
"binaries": [
{
"binary_name": "asterisk",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-config",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-dahdi",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-dev",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-mobile",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-modules",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-mp3",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-mysql",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-ooh323",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
},
{
"binary_name": "asterisk-tests",
"binary_version": "1:22.5.2~dfsg+~cs6.15.60671435-1"
}
]
}Ubuntu:Pro:16.04:LTS
asterisk
Package
- Name
- asterisk
- Purl
- pkg:deb/ubuntu/asterisk@1:13.1.0~dfsg-1.1ubuntu4.1+esm1?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:13.*
1:13.1.0~dfsg-1.1ubuntu3
1:13.1.0~dfsg-1.1ubuntu4
1:13.1.0~dfsg-1.1ubuntu4.1
1:13.1.0~dfsg-1.1ubuntu4.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "asterisk",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-config",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-dahdi",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-dev",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-mobile",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-modules",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-mp3",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-mysql",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-ooh323",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-voicemail",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-voicemail-imapstorage",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-voicemail-odbcstorage",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
},
{
"binary_name": "asterisk-vpb",
"binary_version": "1:13.1.0~dfsg-1.1ubuntu4.1+esm1"
}
]
}Ubuntu:Pro:18.04:LTS
ring
Package
- Name
- ring
- Purl
- pkg:deb/ubuntu/ring@20180228.1.503da2b~ds1-1ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20180228.1.503da2b~ds1-1ubuntu0.1~esm1
Affected versions
20170803.*
20170803.2.5fcfe3f~dfsg1-1
20171024.*
20171024.1.eadbdeb~ds1-1
20171129.*
20171129.2.cf5bbff~ds1-1
20171129.2.cf5bbff~ds1-2
20180119.*
20180119.1.9e06f94~ds1-1
20180119.1.9e06f94~ds1-3
20180222.*
20180222.1.7bffde2~ds2-2
20180228.*
20180228.1.503da2b~ds1-1
20180228.1.503da2b~ds1-1build1