CVE-2023-38703

🗓️ 06 Oct 2023 14:15:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 39 Views

Vulnerability in PJSIP library with SRTP may cause use-after-free issue and application termination

Reporter	Title	Published	Views	Family All 38
AlpineLinux	CVE-2023-38703	6 Oct 202313:46	–	alpinelinux
Circl	CVE-2023-38703	6 Oct 202318:13	–	circl
CNNVD	PJSIP Resource Management Error Vulnerability	6 Oct 202300:00	–	cnnvd
CVE	CVE-2023-38703	6 Oct 202313:46	–	cve
Cvelist	CVE-2023-38703 PJSIP has use-after-free vulnerability in SRTP media transport	6 Oct 202313:46	–	cvelist
Debian	[SECURITY] [DLA 3696-1] asterisk security update	28 Dec 202323:01	–	debian
Debian	[SECURITY] [DSA 5596-1] asterisk security update	4 Jan 202421:21	–	debian
Debian CVE	CVE-2023-38703	6 Oct 202313:46	–	debiancve
Tenable Nessus	Debian dla-3696 : asterisk - security update	22 Jan 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-38703	5 Mar 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	22.04	any	asterisk	0	asterisk_0_any.deb
Ubuntu	24.04	any	asterisk	0	asterisk_0_any.deb
Ubuntu	25.10	any	asterisk	0	asterisk_0_any.deb
Ubuntu	18.04	any	asterisk	0	asterisk_0_any.deb
Ubuntu	20.04	any	asterisk	0	asterisk_0_any.deb
Ubuntu	26.04	any	asterisk	0	asterisk_0_any.deb
Ubuntu	18.04	any	ring	0	ring_0_any.deb
Ubuntu	20.04	any	ring	0	ring_0_any.deb

Source	Link
github	www.github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d
github	www.github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66
cve	www.cve.org/CVERecord

11 Jul 2025 07:55Current

7.2High risk

Vulners AI Score7.2

CVSS 3.19.8

EPSS0.0128

SSVC

pjsip srtp use-after-free application termination multimedia library vulnerability