Asterisk Project Security Advisory - AST-2021-001

Product

Asterisk

Summary

Remote crash in res_pjsip_diversion

Nature of Advisory

Denial of service

Susceptibility

Remote authenticated sessions

Severity

Moderate

Exploits Known

No

Reported On

December 28 2020

Reported By

Ivan Poddubny

Posted On

January 04 2021

Last Updated On

January 04 2021

Advisory Contact

gjoseph AT sangoma DOT com

CVE Name

CVE-2020-35776



Description

If a registered user is tricked into dialing a malicious number that sends a large number of 181 (Call Is Being Forwarded) responses to Asterisk, each one causes Asterisk to send a 181 back to the original caller, and each relayed 181 carries one more entry in its “Supported” header than the previous one. Eventually the number of entries in the header exceeds the size of the fixed-size entry array and Asterisk crashes.

Modules Affected

res_pjsip_diversion.c


Resolution

Before updating the “Supported” header with a new entry, Asterisk now checks that the entry doesn’t already exist and that adding an entry won’t exceed the size of the entry array.
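The description and resolution above can be illustrated with a small model. The following is an added example, not code from Asterisk or pjsip: it models a Supported header as a fixed-size value array (32 slots is an assumption; the advisory does not state pjsip's limit), uses "histinfo" as the option tag added per relayed 181 (also an assumption), and contrasts the unchecked append with one that deduplicates and bounds-checks as the fix describes. The unchecked variant returns an error at the point where the real code would have written past the array, so the example runs safely.

```c
/*
 * Added model of AST-2021-001: a "Supported" header with a fixed value array,
 * the unchecked append that grows it once per relayed 181, and the hardened
 * append that deduplicates and bounds-checks. Not Asterisk's code.
 */
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define SUPPORTED_MAX 32          /* assumed slot count for the value array */
#define HISTINFO      "histinfo"  /* assumed option tag added per relayed 181 */

struct supported_hdr {
    int count;
    const char *values[SUPPORTED_MAX];
};

/* Constructed baseline: values an ordinary outbound request might carry. */
static void init_supported(struct supported_hdr *h)
{
    static const char *base[] = { "replaces", "timer", "100rel" };
    h->count = 0;
    for (size_t i = 0; i < sizeof base / sizeof base[0]; i++)
        h->values[h->count++] = base[i];
}

/* Pre-fix behaviour: append unconditionally, no duplicate check.
 * Returns 0 on success. The -1 branch stands in for the crash: the original
 * logic had no bound check and wrote past the array at this point. */
int add_supported_unchecked(struct supported_hdr *h, const char *value)
{
    if (h->count >= SUPPORTED_MAX)
        return -1;
    h->values[h->count++] = value;
    return 0;
}

/* Post-fix behaviour: skip a value that is already present (case-insensitive,
 * as SIP option tags are), refuse when no slot is free.
 * Returns 0 added, 1 already present, -1 no room. */
int add_supported_hardened(struct supported_hdr *h, const char *value)
{
    for (int i = 0; i < h->count; i++)
        if (strcasecmp(h->values[i], value) == 0)
            return 1;
    if (h->count >= SUPPORTED_MAX)
        return -1;
    h->values[h->count++] = value;
    return 0;
}

/* Drive n 181 responses from the far end. Each one makes Asterisk relay a
 * 181 toward the caller and add HISTINFO to the Supported header, which in
 * the bug is the same header object reused across responses.
 * Returns 0 if every response was handled, otherwise the 1-based index of
 * the first response the append could not accommodate: for the unchecked
 * path that is the response that would have crashed Asterisk, for the
 * hardened path it never happens because the duplicate is simply skipped. */
int relay_181_storm(int n, int hardened)
{
    struct supported_hdr hdr;
    init_supported(&hdr);
    for (int i = 1; i <= n; i++) {
        int rc = hardened ? add_supported_hardened(&hdr, HISTINFO)
                          : add_supported_unchecked(&hdr, HISTINFO);
        if (rc < 0)
            return i;
    }
    return 0;
}

/* Number of Supported entries after n 181s, or -1 if the storm overflowed. */
int supported_count_after(int n, int hardened)
{
    struct supported_hdr hdr;
    init_supported(&hdr);
    for (int i = 1; i <= n; i++) {
        int rc = hardened ? add_supported_hardened(&hdr, HISTINFO)
                          : add_supported_unchecked(&hdr, HISTINFO);
        if (rc < 0)
            return -1;
    }
    return hdr.count;
}

int main(void)
{
    printf("unchecked: overflow at 181 #%d\n", relay_181_storm(1000, 0));
    printf("hardened:  overflow at %d (0 = never), %d entries after 1000 181s\n",
           relay_181_storm(1000, 1), supported_count_after(1000, 1));
    return 0;
}
```

With a baseline of three entries and a 32-slot array, the unchecked path overflows on the 30th 181, while the hardened path settles at four entries no matter how many 181s arrive, because the second and later appends of the same tag are rejected before the bound check is even reached.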


Affected Versions

Product                 Release Series
Asterisk Open Source    13.X              13.38.1
Asterisk Open Source    16.X              16.15.1
Asterisk Open Source    17.X              17.9.1
Asterisk Open Source    18.X              18.1.1


Corrected In

Product                 Release
Asterisk Open Source    13.38.2, 16.16.1, 17.9.2, 18.2.1




Patches

Patch URL                                                         Revision
https://downloads.digium.com/pub/security/AST-2021-001-13.diff    13.38.2
https://downloads.digium.com/pub/security/AST-2021-001-16.diff    16.16.1
https://downloads.digium.com/pub/security/AST-2021-001-17.diff    17.9.2
https://downloads.digium.com/pub/security/AST-2021-001-18.diff    18.2.1



Links

https://issues.asterisk.org/jira/browse/ASTERISK-29227

https://downloads.asterisk.org/pub/security/AST-2021-001.html


Asterisk Project Security Advisories are posted at http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest version will be posted at https://downloads.digium.com/pub/security/AST-2021-001.pdf and https://downloads.digium.com/pub/security/AST-2021-001.html


Revision History

Date                 Editor           Revisions Made
December 29, 2020    George Joseph    Initial revision

Copyright © 2020 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its original, unaltered form.