PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (PJMEDIA_HAS_SRTP is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory “belongs” to the code that operates on the new pointer.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pjsip | Teluu | * | 2.13.1 (including) |
| Asterisk | Ubuntu | bionic | * |
| Asterisk | Ubuntu | focal | * |
| Asterisk | Ubuntu | lunar | * |
| Asterisk | Ubuntu | mantic | * |
| Asterisk | Ubuntu | oracular | * |
| Asterisk | Ubuntu | trusty | * |
| Asterisk | Ubuntu | xenial | * |
| Ring | Ubuntu | bionic | * |
| Ring | Ubuntu | focal | * |
| Ring | Ubuntu | lunar | * |
| Ring | Ubuntu | mantic | * |
| Ring | Ubuntu | trusty | * |
| Ring | Ubuntu | xenial | * |