CVE-2023-37457

Source
https://cve.org/CVERecord?id=CVE-2023-37457
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-37457.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-37457
Aliases
  • GHSA-98rc-4j27-74hh
Downstream
Published
2023-12-14T19:43:30.945Z
Modified
2026-07-08T17:57:16.595778Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Asterisk's PJSIP_HEADER dialplan function can overwrite memory/cause crash when using 'update'
Details

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the new value of a header. By doing so this can overwrite memory or cause a crash. This is not externally exploitable, unless dialplan is explicitly written to update a header based on data from an outside source. If the 'update' functionality is not used the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/37xxx/CVE-2023-37457.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-120"
    ]
}
References

Affected packages

Git / github.com/asterisk/asterisk

Affected ranges

Type
GIT
Repo
https://github.com/asterisk/asterisk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Introduced
Introduced
Fixed
Database specific
{
    "source": [
        "CPE_RANGE",
        "CPE_STRING",
        "REFERENCES"
    ],
    "cpe": [
        "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:digium:asterisk:21.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:rc2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert3:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert4:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert5:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.20.0"
        },
        {
            "introduced": "19.0.0"
        },
        {
            "last_affected": "20.5.0"
        },
        {
            "introduced": "21.0.0"
        },
        {
            "last_affected": "21.0.0"
        },
        {
            "introduced": "13.13.0"
        },
        {
            "last_affected": "13.13.0"
        },
        {
            "introduced": "13.13.0-rc1"
        },
        {
            "last_affected": "13.13.0-rc1"
        },
        {
            "introduced": "13.13.0-rc2"
        },
        {
            "last_affected": "13.13.0-rc2"
        },
        {
            "introduced": "16.8.0-NA"
        },
        {
            "last_affected": "16.8.0-NA"
        },
        {
            "introduced": "18.9-cert1"
        },
        {
            "last_affected": "18.9-cert1"
        },
        {
            "introduced": "18.9-cert2"
        },
        {
            "last_affected": "18.9-cert2"
        },
        {
            "introduced": "18.9-cert3"
        },
        {
            "last_affected": "18.9-cert3"
        },
        {
            "introduced": "18.9-cert4"
        },
        {
            "last_affected": "18.9-cert4"
        },
        {
            "introduced": "18.9-cert5"
        },
        {
            "last_affected": "18.9-cert5"
        }
    ]
}

Affected versions

13.*
13.13.0
13.13.0-rc1
13.13.0-rc2
16.*
16.8.0-NA
18.*
18.9-cert1
18.9-cert2
18.9-cert3
18.9-cert4
18.9-cert5
21.*
21.0.0
= 21.*
= 21.0.0

Database specific

vanir_signatures_modified
"2026-07-08T17:57:16Z"
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-37457.json"
vanir_signatures
[
    {
        "id": "CVE-2023-37457-d5969b49",
        "digest": {
            "line_hashes": [
                "159548957906824277854538295288850676053",
                "239929051654971719448622866075717330742",
                "327544480914766547304774939153046282095",
                "22037373518915781682818387149426104403",
                "52582478101052646613052143770202268734",
                "13260270649188225194790817830413265206",
                "155712923347818368736013152122905932088",
                "122054581060142298997311705906553735862"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/asterisk/asterisk/commit/a1ca0268254374b515fa5992f01340f7717113fa",
        "deprecated": false,
        "target": {
            "file": "res/res_pjsip_header_funcs.c"
        }
    },
    {
        "id": "CVE-2023-37457-f3766f08",
        "digest": {
            "function_hash": "35050234152473757146456454412151458523",
            "length": 683.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/asterisk/asterisk/commit/a1ca0268254374b515fa5992f01340f7717113fa",
        "deprecated": false,
        "target": {
            "function": "update_header",
            "file": "res/res_pjsip_header_funcs.c"
        }
    }
]