CVE-2021-41141
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-41141
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41141.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-41141
- Downstream
- Related
- Published
- 2022-01-04T19:15:14Z
- Modified
- 2025-10-21T06:34:51.523502Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently held locks. This could result in a system deadlock, which cause a denial of service for the users. No release has yet been made which contains the linked fix commit. All versions up to an including 2.11.1 are affected. Users may need to manually apply the patch.
- References
Affected packages
Git / github.com/pjsip/pjproject
Affected ranges
- Type
- GIT
- Repo
- https://github.com/pjsip/pjproject
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-03ee402f",
"target": {
"function": "ipp_alloc_codec",
"file": "pjmedia/src/pjmedia-codec/ipp_codecs.c"
},
"signature_type": "Function",
"digest": {
"length": 1703.0,
"function_hash": "125819378138438011945101975972714730583"
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-07c56a76",
"target": {
"function": "and_media_alloc_codec",
"file": "pjmedia/src/pjmedia-codec/and_aud_mediacodec.cpp"
},
"signature_type": "Function",
"digest": {
"length": 1885.0,
"function_hash": "218747591657902152153048284437613970685"
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-1a8f7587",
"target": {
"function": "pjmedia_vid_conf_add_port",
"file": "pjmedia/src/pjmedia/vid_conf.c"
},
"signature_type": "Function",
"digest": {
"length": 3356.0,
"function_hash": "190625584317204092340902755318678238446"
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-232e7a07",
"target": {
"function": "pjmedia_codec_speex_deinit",
"file": "pjmedia/src/pjmedia-codec/speex_codec.c"
},
"signature_type": "Function",
"digest": {
"length": 506.0,
"function_hash": "127215111352915922616233338091525364126"
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-44c0ac64",
"target": {
"file": "pjmedia/src/pjmedia-codec/speex_codec.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"72034850421652991240548021149377817480",
"203251017706402886707205695389579332104",
"99152012475625321446728044985670103095",
"146871446473456870424328070735923549556"
]
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-44d44fad",
"target": {
"function": "pjmedia_vid_conf_disconnect_port",
"file": "pjmedia/src/pjmedia/vid_conf.c"
},
"signature_type": "Function",
"digest": {
"length": 1762.0,
"function_hash": "49066555164047112227048680437507419728"
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-46016e72",
"target": {
"function": "alloc_codec",
"file": "pjmedia/src/pjmedia-codec/passthrough.c"
},
"signature_type": "Function",
"digest": {
"length": 1144.0,
"function_hash": "1558841312698371581735315458188734871"
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-5439ce4e",
"target": {
"file": "pjmedia/src/pjmedia-codec/ipp_codecs.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"234908212969495671642843883676120856444",
"13549203495841430523536775640372282430",
"148675843466775740615785274310661116510",
"135051868329340805665782257757022513986"
]
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-58d1be4c",
"target": {
"file": "pjmedia/src/pjmedia-codec/and_aud_mediacodec.cpp"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"234908212969495671642843883676120856444",
"13549203495841430523536775640372282430",
"148675843466775740615785274310661116510",
"230631042012119564335125601454259158752"
]
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-5c66fe11",
"target": {
"file": "pjmedia/src/pjmedia-codec/passthrough.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"234908212969495671642843883676120856444",
"98242687775482903560560409145528622969",
"201909697535225212013928998963604089897",
"196592156847247617171977464365492140017"
]
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-7b37b07e",
"target": {
"file": "pjmedia/src/pjmedia-codec/opus.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"174454471093818320377444601527960357446",
"278089180272853581080648432998689411013",
"275244125115495833982093692942278555399",
"210685476538547168922816857567395682753",
"50154784472544610356918628243528921834",
"180354783132405596052944926421275482317",
"57550829429154264206521301090145632057",
"312946977918712990627043260194089146068"
]
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-7f5906f8",
"target": {
"function": "codec_open",
"file": "pjmedia/src/pjmedia-codec/opus.c"
},
"signature_type": "Function",
"digest": {
"length": 4447.0,
"function_hash": "144597341741900568512502988983669567987"
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-9f88bc5c",
"target": {
"function": "pjmedia_vid_conf_remove_port",
"file": "pjmedia/src/pjmedia/vid_conf.c"
},
"signature_type": "Function",
"digest": {
"length": 931.0,
"function_hash": "120225991693687630763710444690840716075"
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-a94d3ca5",
"target": {
"file": "pjmedia/src/pjmedia/vid_conf.c"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"190982183164846774748421382942672713865",
"196395715521384268165319541454123849993",
"135116797563231877181267927192651407960",
"222059502984561508293679063064947106202",
"122271856572625934038181984640289849662",
"242410098765156215846003211077764528189",
"114725590555173349627361846252235233586",
"279682066956964399708364752639132164106",
"120572928585327191159376768811161557046",
"232972406738799361017418318677718238542",
"87910392168721981099208608882630840223",
"330198222604212706547984307958013840552",
"186730181444343241082625980656706679976",
"218802757759411467898987744259810142954",
"312202595775928298988746582104998337025",
"25694742666059840431784252226301704172",
"53979542702504968436543266240527673093",
"228722063715379213927443388444861978684",
"257858441994775897896115169948244554161",
"203307914328907667018693401286951951222",
"96191017563577212516453737021105708620",
"311918063797087912660201603526849430295",
"48544634401613434956878623443256554740",
"119309695636171477265703522507653297743",
"334964263292428005003037616713448856775",
"99302475786573776551243703293462721356",
"19427346756099751934444400741464289456",
"230897361952791293046200725240233952546",
"191934083439188089426991643018507829131",
"291317209317879890648183048173582792219",
"247275008214612627927342006665589863230",
"139705178460756643425057447584530174266",
"79096934884551930039340152809056130625",
"114563732423907951168976724549724572804",
"263835534702141159614534112046163642490",
"230897361952791293046200725240233952546",
"191934083439188089426991643018507829131",
"291317209317879890648183048173582792219",
"247275008214612627927342006665589863230"
]
}
},
{
"source": "https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2021-41141-b41ac2e4",
"target": {
"function": "pjmedia_vid_conf_connect_port",
"file": "pjmedia/src/pjmedia/vid_conf.c"
},
"signature_type": "Function",
"digest": {
"length": 2126.0,
"function_hash": "166193237661465554418975624517860118237"
}
}
]