CVE-2022-23608

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-23608
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23608.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-23608
Aliases
  • GHSA-ffff-m5fm-qm62
Downstream
Published
2022-02-22T00:00:00Z
Modified
2025-10-29T14:02:10.413771Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Use after free in PJSIP
Details

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue.

Database specific
{
    "cwe_ids": [
        "CWE-416"
    ]
}
References

Affected packages

Git / github.com/asterisk/asterisk

Affected ranges

Type
GIT
Repo
https://github.com/asterisk/asterisk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

16.*

16.8.0-rc1
16.8.0-rc2

Git / github.com/pjsip/pjproject

Affected ranges

Type
GIT
Repo
https://github.com/pjsip/pjproject
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

2.*

2.10
2.11

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f",
        "target": {
            "function": "pjsip_ua_register_dlg",
            "file": "pjsip/src/pjsip/sip_ua_layer.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2022-23608-355230e4",
        "signature_type": "Function",
        "digest": {
            "length": 1293.0,
            "function_hash": "70864365647463181531377157832882948337"
        }
    },
    {
        "source": "https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f",
        "target": {
            "file": "pjsip/src/pjsip/sip_ua_layer.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2022-23608-72a4e833",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "35044963737909182750976988013543151585",
                "274144572850971968984223178129741964378",
                "327866941129416586371485987256680653042",
                "278964308653987790508818723557346007876",
                "118617777954467364660685834425431110951",
                "39842029878659853167124900145533447634",
                "233583658050670777957317585774738673718",
                "152376793907742555565342316863043999706",
                "81034486586616770828769400067039068473",
                "331762626478723345717002742214489832028",
                "329744869666591730109847079269929734320",
                "100483151796278282844702008557340325697",
                "262966323463297120054712802588079457600",
                "188241175192256331206783565689951138161",
                "106471595696240651924335432149740784991",
                "233583658050670777957317585774738673718",
                "165310500601666153320010031136945376552",
                "152376793907742555565342316863043999706",
                "81034486586616770828769400067039068473",
                "79050953633119509235323932178218138010",
                "265623418085474705873340500298327138396",
                "234472024739533618775547351440906541130",
                "37774906820175420339822954680670494402",
                "268477980689351220442711958497006533322",
                "322982064135337224451875461834467683015",
                "258195686411967309294252780938776064437",
                "266785147904183242574817808076079443858",
                "183780306884699047150813257099414824076",
                "224370694348844285127264539487701550048"
            ]
        }
    },
    {
        "source": "https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f",
        "target": {
            "function": "pjsip_ua_unregister_dlg",
            "file": "pjsip/src/pjsip/sip_ua_layer.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2022-23608-c5a425ce",
        "signature_type": "Function",
        "digest": {
            "length": 796.0,
            "function_hash": "211805886419818402529225624580225128528"
        }
    }
]