==========================================================================
Ubuntu Security Notice USN-7416-1
April 07, 2025

kamailio vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Kamailio.

Software Description:
- kamailio: very fast, dynamic and configurable SIP server

Details:

Stelios Tsampas discovered that Kamailio did not correctly handle certain memory operations, which could lead to a buffer overflow. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-2385)

Henning Westerholt discovered that Kamailio did not correctly handle duplicated headers, which could lead to a segmentation fault. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-14767)

It was discovered that Kamailio did not correctly handle parsing certain headers containing whitespace characters. An authenticated attacker could possibly use this issue to gain access to unauthorized resources and expose sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-28361)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
  kamailio 5.3.2-1ubuntu0.1~esm2
  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  kamailio 5.1.2-1ubuntu2+esm2
  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  kamailio 4.3.4-1.1ubuntu2.1+esm2
  Available with Ubuntu Pro

After a standard system update you need to restart Kamailio to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7416-1
  CVE-2016-2385, CVE-2018-14767, CVE-2020-28361

Multiple security weaknesses in Kamailio need prompt updates for Ubuntu versions 20.04, 18.04, and 16.04. Essential patches are now accessible.

LinuxSecurity.com Team

It was discovered that there was a potential denial-of-service (DoS) attack in the Kamailio SIP telephony server. This was caused by the Kamailio server mishandling INVITE requests with duplicated fields.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3438-1

=========================================================================
Ubuntu Security Notice USN-6022-1
April 14, 2023

kamailio vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM

Summary:

Kamailio could be made to crash or run programs if it received specially crafted input.

Software Description:
- kamailio: very fast, dynamic and configurable SIP server

Details:

It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. (CVE-2018-16657)

It was discovered that Kamailio did not properly validate INVITE requests under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. (CVE-2020-27507)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 ESM:
  kamailio 5.3.2-1ubuntu0.1~esm1

Ubuntu 18.04 ESM:
  kamailio 5.1.2-1ubuntu2+esm1

Ubuntu 16.04 ESM:
  kamailio 4.3.4-1.1ubuntu2.1+esm1

In general, a standard system update will make all the necessary changes.

References:
  CVE-2018-16657, CVE-2020-27507

The April 14, 2023 advisory addresses vulnerabilities in Kamailio, which may result in potential system crashes and unauthorized code execution on Ubuntu platforms.

Severity: Critical

LinuxSecurity.com Team

=========================================================================
Ubuntu Security Notice USN-4240-1
January 16, 2020

kamailio vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

kamailio could be made to crash if it opened a specially crafted file.

Software Description:
- kamailio: very fast and configurable SIP proxy

Details:

It was discovered that Kamailio incorrectly handled a specially crafted file. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS:
  kamailio 4.3.4-1.1ubuntu2.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4240-1
  CVE-2018-8828

Package Information:
  https://launchpad.net/ubuntu/+source/kamailio/4.3.4-1.1ubuntu2.1

A security flaw in Kamailio present in Ubuntu 16.04 LTS can lead to a denial of service attack through the use of specifically designed files.

Severity: Important

LinuxSecurity.com Team

Package : kamailio
Version : 4.2.0-2+deb8u5
CVE ID : CVE-2018-16657
Debian Bug : #908324

It was discovered that there was a denial of service and a potential arbitrary code execution vulnerability in the kamailio SIP server. A specially-crafted SIP message with an invalid "Via" header could cause a segmentation fault and crash Kamailio due to missing input validation.

For Debian 8 "Jessie", this issue has been fixed in kamailio version 4.2.0-2+deb8u5.

We recommend that you upgrade your kamailio packages.

Regards,
Chris Lamb

Henning Westerholt discovered a flaw related to the Via header processing in kamailio, a very fast, dynamic and configurable SIP server. An unauthenticated attacker can take advantage of this flaw to mount a denial of service attack via a specially crafted SIP message.

-------------------------------------------------------------------------
Debian Security Advisory DSA-4292-1

Package : kamailio
Version : 4.2.0-2+deb8u4
CVE ID : CVE-2018-14767

CVE-2018-14767

    Fix for missing input validation, which could result in denial of service and potentially the execution of arbitrary code.

For Debian 8 "Jessie", this problem has been fixed in version 4.2.0-2+deb8u4.

We recommend that you upgrade your kamailio packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Update kamailio to address CVE-2018-14767, which presented vulnerabilities leading to potential denial of service and arbitrary code execution threats.

Severity: Critical

LinuxSecurity.com Team

Henning Westerholt discovered a flaw related to the To header processing in kamailio, a very fast, dynamic and configurable SIP server. Missing input validation in the build_res_buf_from_sip_req function could result in denial of service and potentially the execution of arbitrary code.

-------------------------------------------------------------------------
Debian Security Advisory DSA-4267-1