ALPINE-CVE-2026-40614

See a problem?
Please try reporting it to the source first.
Source
https://security.alpinelinux.org/vuln/CVE-2026-40614
Import Source
https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2026-40614.json
JSON Data
https://api.osv.dev/v1/vulns/ALPINE-CVE-2026-40614
Upstream
  • CVE-2026-40614
Published
2026-04-21T19:16:17.880Z
Modified
2026-06-15T18:18:11.224091355Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers (decframe[].buf) were allocated based on a PCM-derived formula: (samplerate/1000) * 60 * channelcnt * 2. At 8 kHz mono this yields only 960 bytes, but codecparse() can output encoded frames up to MAXENCODEDPACKETSIZE (1280) bytes via opusrepacketizeroutrange(). The three pjmemcpy() calls in codecdecode() copied input->size bytes without bounds checking, causing a heap buffer overflow.

References

Affected packages

Alpine:v3.24 / pjproject

Package

Name
pjproject
Purl
pkg:apk/alpine/pjproject?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.17.0-r0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2026-40614.json"