CVE Vulnerabilities

CVE-2023-27597

Published: Mar 15, 2023 | Modified: Mar 21, 2023
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function rewrite_ruri, a crash occurs due to a segmentation fault. This issue causes the server to crash. It affects configurations containing functions that make use of the affected code, such as the function setport. This issue has been fixed in version 3.1.8 and 3.2.5.

Affected Software

Name Vendor Start Version End Version
Opensips Opensips * 3.1.8 (excluding)
Opensips Opensips 3.2.0 (including) 3.2.5 (excluding)
Opensips Ubuntu bionic *
Opensips Ubuntu trusty *
Opensips Ubuntu xenial *

References