Mageia 2022-0343: sofia-sip security update | LinuxSecurity.com

Advisories

What Are You Looking For?

Popular Tags

Contribute

Advisories This Week: 362

MGASA-2022-0343 - Updated sofia-sip packages fix security vulnerability

Publication date: 21 Sep 2022
URL: https://advisories.mageia.org/MGASA-2022-0343.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-31001,
     CVE-2022-31002,
     CVE-2022-31003

An attacker can send a message with evil sdp to FreeSWITCH, which may
a cause a crash due to an out-of-bounds access. (CVE-2022-31001)
An attacker can send a message with evil sdp to FreeSWITCH, which may
cause a crash. (CVE-2022-31002)
An out-of-bounds write. (CVE-2022-31003)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30806
- https://www.debian.org/lts/security/2022/dla-3091
- https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g
- https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
- https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003

SRPMS:
- 8/core/sofia-sip-1.12.11-10.1.mga8

Mageia 2022-0343: sofia-sip security update

An attacker can send a message with evil sdp to FreeSWITCH, which may a cause a crash due to an out-of-bounds access

Summary

An attacker can send a message with evil sdp to FreeSWITCH, which may a cause a crash due to an out-of-bounds access. (CVE-2022-31001) An attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. (CVE-2022-31002) An out-of-bounds write. (CVE-2022-31003)

References

- https://bugs.mageia.org/show_bug.cgi?id=30806

- https://www.debian.org/lts/security/2022/dla-3091

- https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g

- https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm

- https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003

Resolution

MGASA-2022-0343 - Updated sofia-sip packages fix security vulnerability

SRPMS

- 8/core/sofia-sip-1.12.11-10.1.mga8

Severity
Publication date: 21 Sep 2022
URL: https://advisories.mageia.org/MGASA-2022-0343.html
Type: security
CVE: CVE-2022-31001, CVE-2022-31002, CVE-2022-31003

News

Advisories

HOWTOs

Features

Business VPNs: Now More Important Than Ever
Linux Log Analysis
Does Linux Need a Firewall & How To Configure the Linux Firewall with firewall-cmd
What You Need to Know when Considering a VPN on Linux
What Are Checksums & Why Should You Be Using Them?

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy