Out Of Bounds Read

2023-03-2209:05:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

sofia-sip

out-of-bounds read

sip_method_d

sip_parser.c

attacker

application crash

malicious sdp

freeswitch

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

52.1%

JSON

Sofia-SIP is vulnerable to an Out-of-bounds Read. This vulnerability is present in the sip_method_d function of sip_parser.c, and it enables an attacker to potentially trigger an application crash by sending a maliciously crafted message containing a malicious SDP (Session Description Protocol) to FreeSWITCH. This type of crash could be induced by the #define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0) code, which might result in an increased value of n and subsequently lead to an out-of-bounds access when evaluating IS_NON_WS(s[n]).

CPENameOperatorVersion
sofia-sip:3.15eq1.13.6-r0
sofia-sip:3.15eq1.13.4-r2
sofia-sip:3.14eq1.13.3-r0
sofia-sip:3.14eq1.13.4-r0
sofia-sip:edgeeq1.13.3-r0
sofia-sip:edgeeq1.13.6-r0
sofia-sip:edgeeq1.13.7-r0
sofia-sip:edgeeq1.13.4-r0
sofia-sip:edgeeq1.13.4-r2
sofia-sip:3.16eq1.13.7-r0

Name	Operator	Version
sofia-sip:3.15	eq	1.13.6-r0
sofia-sip:3.15	eq	1.13.4-r2
sofia-sip:3.14	eq	1.13.3-r0
sofia-sip:3.14	eq	1.13.4-r0
sofia-sip:edge	eq	1.13.3-r0
sofia-sip:edge	eq	1.13.6-r0
sofia-sip:edge	eq	1.13.7-r0
sofia-sip:edge	eq	1.13.4-r0
sofia-sip:edge	eq	1.13.4-r2
sofia-sip:3.16	eq	1.13.7-r0