CVE-2017-7853

CVE-2017-7853 affects libosip2 (GNU oSIP) in versions 4.1.0 and 5.0.0, where a malformed SIP message can trigger a heap buffer overflow in msg_osip_body_parse(), enabling a remote DoS. Multiple connected advisories confirm the vulnerability and note fixes across distributions (e.g., Debian 4.1.0-...

CVE-2016-10326

The CVE-2016-10326 entry affects libosip2 (GNU oSIP 4.1.0). A malformed SIP message can trigger a heap buffer overflow in osip_body_to_str() (osipparser2/osip_body.c), causing a remote DoS. Connected advisories confirm related issues across distributions (e.g., Debian DLA-898-1, SUSE/openSUSE upd...

CVE-2016-10325

CVE-2016-10325 affects libosip2 (GNU oSIP) 4.1.0, where a malformed SIP message can cause a heap buffer overflow in the _osip_message_to_str() function, leading to a remote denial of service. Connected advisories corroborate the issue across multiple distros and report fixes in updated libosip2 p...

CVE-2016-10324

CVE-2016-10324 concerns libosip2 (GNU oSIP) 4.1.0 where a malformed SIP message can trigger a heap buffer overflow in osip_clrncpy() (osipparser2/osip_port.c). Related entries cite additional heap-based DoS issues in the same libosip2 release family (CVE-2016-10325, CVE-2016-10326) and CVE-2017-7...

CVE-2022-41550

CVE-2022-41550 concerns GNU oSIP v5.3.0, where an integer overflow occurs in the osip_body_parse_header component. The vulnerability affects multiple distributions that bundle libosip2/osip, with CVSS 3.1 base score 6.5 (Network attack, User interaction required; HIGH impact on availability). Con...