Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close

CVE-2023-32307

Published: 26 May 2023

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. The previous patch of [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54) fixed the vulnerability when attr_type did not match the enum value, but there are also vulnerabilities in the handling of other valid cases. The OOB read and integer-overflow made by attacker may lead to crash, high consumption of memory or even other more serious consequences. These issue have been addressed in version 1.13.15. Users are advised to upgrade.

Priority

Medium

Cvss 3 Severity Score

7.5

Score breakdown

Status

Package Release Status
sofia-sip
Launchpad, Ubuntu, Debian 		trusty Ignored
(end of standard support)
upstream
Released (1.12.11+20110422.1+1e14eea~dfsg-6)
kinetic Ignored
(end of life, was needs-triage)
bionic
Released (1.12.11+20110422.1-2.1+deb10u3ubuntu0.18.04.1~esm1)
Available with Ubuntu Pro
focal
Released (1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2)
jammy
Released (1.12.11+20110422.1-2.1+deb10u3ubuntu0.22.04.2)
lunar
Released (1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.04.1)
mantic
Released (1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1.23.10.1)
xenial
Released (1.12.11+20110422.1-2.1+deb10u3ubuntu0.16.04.1~esm2)
Available with Ubuntu Pro
sip4
Launchpad, Ubuntu, Debian 		kinetic Ignored
(end of life, was needs-triage)
upstream Needs triage

bionic Not vulnerable
(sofia-sip only)
focal Not vulnerable
(sofia-sip only)
jammy Not vulnerable
(sofia-sip only)
lunar Not vulnerable
(sofia-sip only)
mantic Not vulnerable
(sofia-sip only)
trusty Not vulnerable
(sofia-sip only)
xenial Not vulnerable
(sofia-sip only)

Severity score breakdown

Parameter Value
Base score 7.5
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading