CVE-2026-23740

Source
https://cve.org/CVERecord?id=CVE-2026-23740
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23740.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-23740
Aliases
  • GHSA-xpc6-x892-v83c
Downstream
Published
2026-02-06T16:43:41.330Z
Modified
2026-07-08T08:04:57.974052918Z
Severity
  • 0.0 (None) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N CVSS Calculator
Summary
Asterisk vulnerable to potential privilege escalation
Details

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, when ast_coredumper writes its gdb init and output files to a directory that is world-writable (for example /tmp), an attacker with write permission(which is all users on a linux system) to that directory can cause root to execute arbitrary commands or overwrite arbitrary files by controlling the gdb init file and output paths. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23740.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-427"
    ]
}
References

Affected packages

Git / github.com/asterisk/asterisk

Affected ranges

Type
GIT
Repo
https://github.com/asterisk/asterisk
Events
Database specific
{
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "cpe": [
        "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:rc2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert1-rc1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert1-rc2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert1-rc3:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert1-rc4:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert1-rc5:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert10:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert11:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert12:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert13:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert14:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert4-rc1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert4-rc2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert4-rc3:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8:cert4-rc4:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:-:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert1-rc1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert10:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert11:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert12:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert13:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert14:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert15:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert16:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert3:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert4:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert5:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert6:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert7:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert8:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert8-rc1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert8-rc2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert9:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1-rc1:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1-rc2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert2:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert3:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert4:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert5:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert6:*:*:*:*:*:*",
        "cpe:2.3:a:sangoma:certified_asterisk:20.7:cert7:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "20.18.2"
        },
        {
            "introduced": "21.0.0"
        },
        {
            "fixed": "21.12.1"
        },
        {
            "introduced": "22.0.0"
        },
        {
            "fixed": "22.8.2"
        },
        {
            "introduced": "23.0.0"
        },
        {
            "fixed": "23.2.2"
        },
        {
            "introduced": "13.13.0-NA"
        },
        {
            "last_affected": "13.13.0-NA"
        },
        {
            "introduced": "13.13.0-rc1"
        },
        {
            "last_affected": "13.13.0-rc1"
        },
        {
            "introduced": "13.13.0-rc2"
        },
        {
            "last_affected": "13.13.0-rc2"
        },
        {
            "introduced": "16.8-cert1\\-rc1"
        },
        {
            "last_affected": "16.8-cert1\\-rc1"
        },
        {
            "introduced": "16.8-cert1\\-rc2"
        },
        {
            "last_affected": "16.8-cert1\\-rc2"
        },
        {
            "introduced": "16.8-cert1\\-rc3"
        },
        {
            "last_affected": "16.8-cert1\\-rc3"
        },
        {
            "introduced": "16.8-cert1\\-rc4"
        },
        {
            "last_affected": "16.8-cert1\\-rc4"
        },
        {
            "introduced": "16.8-cert1\\-rc5"
        },
        {
            "last_affected": "16.8-cert1\\-rc5"
        },
        {
            "introduced": "16.8-cert10"
        },
        {
            "last_affected": "16.8-cert10"
        },
        {
            "introduced": "16.8-cert11"
        },
        {
            "last_affected": "16.8-cert11"
        },
        {
            "introduced": "16.8-cert12"
        },
        {
            "last_affected": "16.8-cert12"
        },
        {
            "introduced": "16.8-cert13"
        },
        {
            "last_affected": "16.8-cert13"
        },
        {
            "introduced": "16.8-cert14"
        },
        {
            "last_affected": "16.8-cert14"
        },
        {
            "introduced": "16.8-cert4\\-rc1"
        },
        {
            "last_affected": "16.8-cert4\\-rc1"
        },
        {
            "introduced": "16.8-cert4\\-rc2"
        },
        {
            "last_affected": "16.8-cert4\\-rc2"
        },
        {
            "introduced": "16.8-cert4\\-rc3"
        },
        {
            "last_affected": "16.8-cert4\\-rc3"
        },
        {
            "introduced": "16.8-cert4\\-rc4"
        },
        {
            "last_affected": "16.8-cert4\\-rc4"
        },
        {
            "introduced": "16.8.0-NA"
        },
        {
            "last_affected": "16.8.0-NA"
        },
        {
            "introduced": "18.9-NA"
        },
        {
            "last_affected": "18.9-NA"
        },
        {
            "introduced": "18.9-cert1"
        },
        {
            "last_affected": "18.9-cert1"
        },
        {
            "introduced": "18.9-cert1\\-rc1"
        },
        {
            "last_affected": "18.9-cert1\\-rc1"
        },
        {
            "introduced": "18.9-cert10"
        },
        {
            "last_affected": "18.9-cert10"
        },
        {
            "introduced": "18.9-cert11"
        },
        {
            "last_affected": "18.9-cert11"
        },
        {
            "introduced": "18.9-cert12"
        },
        {
            "last_affected": "18.9-cert12"
        },
        {
            "introduced": "18.9-cert13"
        },
        {
            "last_affected": "18.9-cert13"
        },
        {
            "introduced": "18.9-cert14"
        },
        {
            "last_affected": "18.9-cert14"
        },
        {
            "introduced": "18.9-cert15"
        },
        {
            "last_affected": "18.9-cert15"
        },
        {
            "introduced": "18.9-cert16"
        },
        {
            "last_affected": "18.9-cert16"
        },
        {
            "introduced": "18.9-cert2"
        },
        {
            "last_affected": "18.9-cert2"
        },
        {
            "introduced": "18.9-cert3"
        },
        {
            "last_affected": "18.9-cert3"
        },
        {
            "introduced": "18.9-cert4"
        },
        {
            "last_affected": "18.9-cert4"
        },
        {
            "introduced": "18.9-cert5"
        },
        {
            "last_affected": "18.9-cert5"
        },
        {
            "introduced": "18.9-cert6"
        },
        {
            "last_affected": "18.9-cert6"
        },
        {
            "introduced": "18.9-cert7"
        },
        {
            "last_affected": "18.9-cert7"
        },
        {
            "introduced": "18.9-cert8"
        },
        {
            "last_affected": "18.9-cert8"
        },
        {
            "introduced": "18.9-cert8\\-rc1"
        },
        {
            "last_affected": "18.9-cert8\\-rc1"
        },
        {
            "introduced": "18.9-cert8\\-rc2"
        },
        {
            "last_affected": "18.9-cert8\\-rc2"
        },
        {
            "introduced": "18.9-cert9"
        },
        {
            "last_affected": "18.9-cert9"
        },
        {
            "introduced": "20.7-cert1"
        },
        {
            "last_affected": "20.7-cert1"
        },
        {
            "introduced": "20.7-cert1\\-rc1"
        },
        {
            "last_affected": "20.7-cert1\\-rc1"
        },
        {
            "introduced": "20.7-cert1\\-rc2"
        },
        {
            "last_affected": "20.7-cert1\\-rc2"
        },
        {
            "introduced": "20.7-cert2"
        },
        {
            "last_affected": "20.7-cert2"
        },
        {
            "introduced": "20.7-cert3"
        },
        {
            "last_affected": "20.7-cert3"
        },
        {
            "introduced": "20.7-cert4"
        },
        {
            "last_affected": "20.7-cert4"
        },
        {
            "introduced": "20.7-cert5"
        },
        {
            "last_affected": "20.7-cert5"
        },
        {
            "introduced": "20.7-cert6"
        },
        {
            "last_affected": "20.7-cert6"
        },
        {
            "introduced": "20.7-cert7"
        },
        {
            "last_affected": "20.7-cert7"
        }
    ]
}

Affected versions

13.*
13.13.0-NA
13.13.0-rc1
13.13.0-rc2
16.*
16.8-cert10
16.8-cert11
16.8-cert12
16.8-cert13
16.8-cert14
16.8-cert1\-rc1
16.8-cert1\-rc2
16.8-cert1\-rc3
16.8-cert1\-rc4
16.8-cert1\-rc5
16.8-cert4\-rc1
16.8-cert4\-rc2
16.8-cert4\-rc3
16.8-cert4\-rc4
16.8.0-NA
18.*
18.9-NA
18.9-cert1
18.9-cert10
18.9-cert11
18.9-cert12
18.9-cert13
18.9-cert14
18.9-cert15
18.9-cert16
18.9-cert1\-rc1
18.9-cert2
18.9-cert3
18.9-cert4
18.9-cert5
18.9-cert6
18.9-cert7
18.9-cert8
18.9-cert8\-rc1
18.9-cert8\-rc2
18.9-cert9
20.*
20.10.0
20.10.0-rc1
20.10.0-rc2
20.11.0
20.11.0-rc1
20.11.1
20.12.0
20.12.0-rc1
20.12.0-rc2
20.13.0
20.13.0-rc1
20.14.0
20.14.0-rc1
20.15.0
20.15.0-rc1
20.15.0-rc2
20.15.0-rc3
20.15.1
20.15.2
20.16.0
20.16.0-rc1
20.16.0-rc2
20.17.0
20.17.0-rc1
20.17.0-rc2
20.18.0
20.18.0-rc1
20.18.1
20.2.0
20.2.0-rc1
20.2.1
20.3.0
20.3.0-rc1
20.3.1
20.4.0
20.4.0-rc1
20.4.0-rc2
20.5.0
20.5.0-rc1
20.5.1
20.5.2
20.6.0
20.6.0-rc1
20.6.0-rc2
20.7-cert1
20.7-cert1\-rc1
20.7-cert1\-rc2
20.7-cert2
20.7-cert3
20.7-cert4
20.7-cert5
20.7-cert6
20.7-cert7
20.7.0
20.7.0-rc1
20.7.0-rc2
20.8.0
20.8.0-rc1
20.8.1
20.9.0
20.9.0-rc1
20.9.1
20.9.2
20.9.3
21.*
21.0.0
21.0.1
21.0.2
21.1.0
21.1.0-rc1
21.1.0-rc2
21.10.0
21.10.0-rc1
21.10.0-rc2
21.10.0-rc3
21.10.1
21.10.2
21.11.0
21.11.0-rc1
21.11.0-rc2
21.12.0
21.12.0-rc1
21.12.0-rc2
21.2.0
21.2.0-rc1
21.2.0-rc2
21.3.0
21.3.0-rc1
21.3.1
21.4.0
21.4.0-rc1
21.4.1
21.4.2
21.4.3
21.5.0
21.5.0-rc1
21.5.0-rc2
21.6.0
21.6.0-rc1
21.6.1
21.7.0
21.7.0-rc1
21.7.0-rc2
21.8.0
21.8.0-rc1
21.9.0
21.9.0-rc1
22.*
22.0.0
22.1.0
22.1.0-rc1
22.1.1
22.2.0
22.2.0-rc1
22.2.0-rc2
22.3.0
22.3.0-rc1
22.4.0
22.4.0-rc1
22.5.0
22.5.0-rc1
22.5.0-rc2
22.5.0-rc3
22.5.1
22.5.2
22.6.0
22.6.0-rc1
22.6.0-rc2
22.7.0
22.7.0-rc1
22.7.0-rc2
22.8.0
22.8.0-rc1
22.8.1
22.8.2
23.*
23.0.0
23.1.0
23.1.0-rc1
23.1.0-rc2
23.2.0
23.2.0-rc1
23.2.1
certified-20.*
certified-20.7-cert1-pre1
certified-22.*
certified-22.8-cert1
certified-22.8-cert1-pre1
certified-22.8-cert1-rc1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23740.json"