CVE-2025-65102 PJSIP is vulnerable to buffer overflow in Opus PLC

PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...

CVE-2025-65102

CVE-2025-65102 affects PJSIP with Opus in the receiving direction. Prior to version 2.16, Opus PLC may zero-fill the input frame if the decoder ptime differs from the input frame length (based on stream ptime), causing a memory overwrite and potential unexpected process termination. The issue is ...