MGASA-2016-0344

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0344.html

Import Source

https://advisories.mageia.org/MGASA-2016-0344.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2016-0344

Upstream

AST-2016-007

Published

2016-10-18T18:43:39Z

Modified

2026-04-16T06:26:21.757463691Z

Summary

Updated asterisk packages fixes security vulnerability

Details

The overlap dialing feature in chansip allows chansip to report to a device that the number that has been dialed is incomplete and more digits are required. If this functionality is used with a device that has performed username/password authentication RTP resources are leaked. This occurs because the code fails to release the old RTP resources before allocating new ones in this scenario. If all resources are used then RTP port exhaustion will occur and no RTP sessions are able to be set up (AST-2016-007).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / asterisk

Package

Name: asterisk
Purl: pkg:rpm/mageia/asterisk?arch=source&distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.23.1-1.mga5

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2016-0344.json"