CVE-2024-42491

🗓️ 05 Sep 2024 17:17:56Reported by GitHub_MType

Asterisk SIP Request Crash Fi

Reporter	Title	Published	Views	Family All 41
AlpineLinux	CVE-2024-42491	5 Sep 202417:17	–	alpinelinux
Circl	CVE-2024-42491	5 Sep 202421:23	–	circl
CNNVD	Asterisk 安全漏洞	5 Sep 202400:00	–	cnnvd
Cvelist	CVE-2024-42491 A malformed Contact or Record-Route URI in an incoming SIP request can cause Asterisk to crash when res_resolver_unbound is used	5 Sep 202417:17	–	cvelist
Debian	[SECURITY] [DLA 3925-1] asterisk security update	20 Oct 202421:27	–	debian
Debian CVE	CVE-2024-42491	5 Sep 202417:17	–	debiancve
Tenable Nessus	Debian dla-3925 : asterisk - security update	20 Oct 202400:00	–	nessus
Tenable Nessus	Fedora 44 : asterisk (2026-38d71393c1)	30 Apr 202600:00	–	nessus
Tenable Nessus	Fedora 43 : asterisk (2026-80b21debe7)	30 Apr 202600:00	–	nessus
Tenable Nessus	Fedora 42 : asterisk (2026-98decbde87)	30 Apr 202600:00	–	nessus

NVD

Vulners

Node

sangoma asteriskRange<18.24.3

sangoma asteriskRange20.0.0–20.9.3

sangoma asteriskRange21.0.0–21.4.3

Node

sangoma certified_asteriskRange<18.9

sangoma certified_asteriskMatch18.9-

sangoma certified_asteriskMatch18.9cert1

sangoma certified_asteriskMatch18.9cert1-rc1

sangoma certified_asteriskMatch18.9cert10

sangoma certified_asteriskMatch18.9cert11

sangoma certified_asteriskMatch18.9cert2

sangoma certified_asteriskMatch18.9cert3

sangoma certified_asteriskMatch18.9cert4

sangoma certified_asteriskMatch18.9cert5

sangoma certified_asteriskMatch18.9cert6

sangoma certified_asteriskMatch18.9cert7

sangoma certified_asteriskMatch18.9cert8

sangoma certified_asteriskMatch18.9cert8-rc1

sangoma certified_asteriskMatch18.9cert8-rc2

sangoma certified_asteriskMatch18.9cert9

sangoma certified_asteriskMatch20.7cert1

sangoma certified_asteriskMatch20.7cert1-rc1

sangoma certified_asteriskMatch20.7cert1-rc2

sangoma certified_asteriskMatch20.7cert2

[
  {
    "vendor": "asterisk",
    "product": "asterisk",
    "versions": [
      {
        "version": "< 18.24.3",
        "status": "affected"
      },
      {
        "version": ">= 19.0.0, < 20.9.3",
        "status": "affected"
      },
      {
        "version": ">= 21.0.0, < 21.4.3",
        "status": "affected"
      },
      {
        "version": "< 18.9-cert12",
        "status": "affected"
      },
      {
        "version": ">= 19.0, < 20.7-cert2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/asterisk/asterisk/commit/50bf8d4d3064930d28ecf1ce3397b14574d514d2
github	www.github.com/asterisk/asterisk/commit/a15050650abf09c10a3c135fab148220cd41d3a0
github	www.github.com/asterisk/asterisk/commit/7a0090325bfa9d778a39ae5f7d0a98109e4651c8
github	www.github.com/asterisk/asterisk/security/advisories/GHSA-v428-g3cw-7hv9
github	www.github.com/asterisk/asterisk/commit/42a2f4ccfa2c7062a15063e765916b3332e34cc4
github	www.github.com/asterisk/asterisk/commit/4f01669c7c41c9184f3cce9a3cf1b2ebf6201742
lists	www.lists.debian.org/debian-lts-announce/2024/10/msg00016.html

03 Nov 2025 22:18Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.7

EPSS0.00963

SSVC