Asterisk Project Security Advisory -
Product | Asterisk
Summary | Re-invite with T.38 and malformed SDP causes crash.
Nature of Advisory | Remote Crash
Susceptibility | Remote Authenticated Sessions
Severity | Minor
Exploits Known | No
Reported On | November 07, 2019
Reported By | Salah Ahmed
Posted On | November 21, 2019
Last Updated On |
Advisory Contact | bford AT sangoma DOT com
CVE Name | CVE-2019-18976
Description | If Asterisk receives a re-invite initiating T.38 faxing whose SDP has a port of 0 and no c line, a crash will occur.
Modules Affected | res_pjsip_t38.c
Resolution | If T.38 faxing is not needed, the “t38_udptl” configuration option in pjsip.conf can be set to “no” to disable the functionality. This option defaults to “no” and would have to be manually turned on to experience this crash. If T.38 faxing is needed, Asterisk should be upgraded to a fixed version.
Affected Versions
Product | Release Series |
Asterisk Open Source | 13.x | All versions
Certified Asterisk | 13.21 | All versions
Corrected In
Product | Release
Asterisk Open Source | 13.29.2
Certified Asterisk | 13.21-cert5
Patches
SVN URL | Revision
http://downloads.asterisk.org/pub/security/AST-2019-008-13.diff | Asterisk 13
http://downloads.asterisk.org/pub/security/AST-2019-008-13.21.diff | Certified Asterisk 13.21-cert5
Links
Asterisk Project Security Advisories are posted at http://www.asterisk.org/security
This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/
Revision History
Date | Editor | Revisions Made
November 12, 2019 | Ben Ford | Initial Revision
November 21, 2019 | Ben Ford | Added “Posted On” date
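
An added example, not part of the advisory or of Asterisk's own code: a Python audit that reads pjsip.conf text and lists the endpoints on which t38_udptl is enabled, which are the ones the Resolution says must be upgraded or have the option set to "no". The sample configuration and its section names are constructed, and the parser is a simplification that handles `;` comments and `(template)` inheritance but does not follow `#include` files.

```python
import re

TRUTHY = {"yes", "true", "y", "t", "1", "on"}   # strings Asterisk reads as true
HEADER = re.compile(r"^\[([^\]]+)\]\s*(?:\(([^)]*)\))?")

def endpoints_with_t38(conf_text):
    """Names of non-template type=endpoint sections with t38_udptl enabled."""
    templates, sections, opts = {}, [], None
    for raw in conf_text.splitlines():
        line = raw.split(";", 1)[0].strip()           # drop ';' comments
        m = HEADER.match(line)
        if m:
            name = m.group(1).strip()
            flags = [f.strip() for f in (m.group(2) or "").split(",") if f.strip()]
            opts = {}
            for parent in flags:                      # "!" has no template entry
                opts.update(templates.get(parent, {}))
            if "!" in flags:
                templates[name] = opts                # template only, not a live object
            else:
                sections.append((name, opts))         # same name may recur per type
        elif opts is not None and "=" in line:
            key, value = line.split("=", 1)
            opts[key.strip().lower()] = value.lstrip(">").strip().lower()
    # Unset t38_udptl counts as "no", the default stated in the advisory.
    return sorted(n for n, o in sections
                  if o.get("type") == "endpoint" and o.get("t38_udptl", "no") in TRUTHY)

# Constructed sample configuration (hypothetical names), not from a real system.
SAMPLE = """\
[fax-tmpl](!)
type=endpoint
t38_udptl=yes
[gateway](fax-tmpl)
context=from-gw
[gateway]
type=aor
[phone-100]
type=endpoint           ; t38_udptl unset, so disabled
[phone-101](fax-tmpl)
t38_udptl=no            ; overrides the template
[fax-2]
type = endpoint
t38_udptl = yes
"""

if __name__ == "__main__":
    for name in endpoints_with_t38(SAMPLE):
        print(f"{name}: t38_udptl enabled, upgrade or set t38_udptl=no")
```
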
Copyright ©
Permission is hereby granted to distribute and publish this advisory in its original, unaltered form.