CVE-2023-37457

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-37457
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-37457.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-37457
Aliases
  • GHSA-98rc-4j27-74hh
Downstream
Published
2023-12-14T19:43:30Z
Modified
2025-10-22T18:39:19.907008Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Asterisk's PJSIP_HEADER dialplan function can overwrite memory/cause crash when using 'update'
Details

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0, as well as certified-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can write a new header value that exceeds the buffer space available for storing it. Doing so can overwrite adjacent memory or crash Asterisk. The issue is not externally exploitable unless the dialplan is explicitly written to update a header with data taken from an outside source (such as a value read from an incoming request). If the 'update' functionality is not used, the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa.
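
The CWE-120 pattern the advisory describes, shown as an added illustration that is not Asterisk's code and does not reproduce the PJSIP_HEADER implementation: a fixed-size header value buffer, an unchecked copy into it beside a hardened update that refuses values which do not fit, and a constructed oversized input standing in for data that a dialplan might take from an outside source. The struct layout, the buffer size `HDR_VALUE_MAX`, the function names and the sample values are all assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed fixed-size storage for a header value. The size is illustrative and
 * is not the buffer size used by Asterisk's PJSIP_HEADER implementation. */
#define HDR_VALUE_MAX 64

struct sip_header {
    char name[32];
    char value[HDR_VALUE_MAX];
};

/* Vulnerable pattern (CWE-120): the new value is copied with no bound on its
 * length, so a value of HDR_VALUE_MAX bytes or more runs past h->value into
 * whatever follows it in memory. It is only ever called with small, known
 * input below, because an actual overflow is undefined behaviour. */
static void header_update_unchecked(struct sip_header *h, const char *new_value)
{
    strcpy(h->value, new_value);
}

/* Hardened form: refuse a value that does not fit together with its NUL
 * terminator, and leave the stored value untouched on refusal. Returns 0 on
 * success and -1 when the value was rejected. */
int header_update_checked(struct sip_header *h, const char *new_value)
{
    size_t len = strlen(new_value);
    if (len >= sizeof(h->value)) {
        return -1;   /* the caller must handle the failure, not truncate silently */
    }
    memcpy(h->value, new_value, len + 1);
    return 0;
}

/* Simulates the advisory's precondition: a dialplan hands the 'update' path a
 * value controlled by an outside source. The input is a constructed 255-byte
 * string, not captured traffic. Returns 1 if the checked update rejected it
 * and kept the previous value intact, 0 otherwise. */
int demo_rejects_oversized(void)
{
    struct sip_header h = { "X-Custom", "original" };
    char external[256];
    memset(external, 'A', sizeof(external) - 1);   /* constructed oversized input */
    external[sizeof(external) - 1] = '\0';

    int rc = header_update_checked(&h, external);
    return rc == -1 && strcmp(h.value, "original") == 0;
}

/* Returns 1 if a value that fits is stored verbatim by the checked update. */
int demo_accepts_fitting(void)
{
    struct sip_header h = { "X-Custom", "original" };
    int rc = header_update_checked(&h, "sip:alice@example.invalid");
    return rc == 0 && strcmp(h.value, "sip:alice@example.invalid") == 0;
}

int main(void)
{
    struct sip_header h = { "X-Custom", "original" };

    /* Safe only because the input is a short literal; with outside data this
     * call is the bug. */
    header_update_unchecked(&h, "fits");
    printf("unchecked update stored: %s\n", h.value);

    printf("oversized value rejected, original kept: %s\n",
           demo_rejects_oversized() ? "yes" : "no");
    printf("fitting value accepted: %s\n",
           demo_accepts_fitting() ? "yes" : "no");
    return 0;
}
```

The practical check for an operator is the same one the code enforces: if the dialplan contains a PJSIP_HEADER 'update' whose right-hand side is derived from anything a remote party controls, either upgrade to a release containing commit a1ca0268254374b515fa5992f01340f7717113fa or make the dialplan bound the value length before it reaches the function.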

Database specific
{
    "cwe_ids": [
        "CWE-120"
    ]
}
References

Affected packages

Git / github.com/asterisk/asterisk

Affected ranges

Type
GIT
Repo
https://github.com/asterisk/asterisk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Type
GIT
Repo
https://github.com/asterisk/asterisk
Events
Type
GIT
Repo
https://github.com/asterisk/asterisk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Type
GIT
Repo
https://github.com/asterisk/asterisk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

18.*

18.17.0
18.17.0-rc1
18.17.1
18.18.0
18.18.0-rc1
18.18.1
18.19.0
18.19.0-rc1
18.19.0-rc2
18.20.0
18.20.0-rc1
18.9.0
18.9.0-rc1

21.*

21.0.0
21.0.0-pre1
21.0.0-rc1

certified-18.*

certified-18.9-cert4
certified-18.9-cert5

certified/18.*

certified/18.9-cert1
certified/18.9-cert1-rc1
certified/18.9-cert2
certified/18.9-cert3
certified/18.9-cert4