CVE-2018-16657

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcittstringarray core function for calculating a CRC hash for To tags. (An additional error is present in the checkviaaddress core function: this function also misses input validation.) This could result in denial of service and potentially the execution of arbitrary code.

References

Affected packages

Git / github.com/kamailio/kamailio

Affected ranges

Type

GIT

Repo

https://github.com/kamailio/kamailio

Events

Introduced

Fixed

743c2d71beda536be3dd3b07b0f9b1d4b7e42743

Introduced

28011aa9fdca7012103506d9a437c8e44dc8963c

Fixed

b7547543f64511ca7103f21e24c839127b01a3f4

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.0.7"
        },
        {
            "introduced": "5.1.0"
        },
        {
            "fixed": "5.1.4"
        }
    ]
}

Affected versions

5.*

5.1.0

5.1.1

5.1.2

5.1.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16657.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    }
]