CVE-2024-35434

Publication date 29 May 2024

Last updated 24 July 2024

Ubuntu priority

Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow via the function rtp_check_packet at /sngrep/src/rtp.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SIP packet.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
sngrep	24.10 oracular	Needs evaluation
	24.04 LTS noble	Needs evaluation
	23.10 mantic	Ignored end of life, was needs-triage
	22.04 LTS jammy	Needs evaluation
	20.04 LTS focal	Needs evaluation
	18.04 LTS bionic	Needs evaluation
	16.04 LTS xenial	Needs evaluation

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2024-35434
https://github.com/inputzero/Security-Advisories/blob/main/CVE-XXXX-XXXX.md
https://github.com/irontec/sngrep/issues/481