OSV-2024-1249

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kamailio/OSV-2024-1249.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-1249
Published
2024-10-30T00:15:55.709182Z
Modified
2025-03-18T00:40:00.171776Z
Summary
Heap-buffer-overflow in extract_ice_option
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376100377

Crash type: Heap-buffer-overflow READ 1
Crash state:
extract_ice_option
parse_sdp_session
parse_sdp
References

Affected packages

OSS-Fuzz / kamailio

Package

Name
kamailio
Purl
pkg:generic/kamailio

Affected ranges

Type
GIT
Repo
https://github.com/kamailio/kamailio
Events
Introduced
236fada43f610b910490f7e0c216ac9aa3d9480c
Fixed
024c649c36bbe1d5ba4b306de53102cec4096734

Affected versions

5.*
5.6.0
5.6.1
5.6.2
5.6.3
5.6.4
5.6.5
5.6.6
5.7.0
5.7.1
5.7.2
5.7.3
5.7.4
5.7.5
5.7.6
5.8.0
5.8.1
5.8.2
5.8.3
5.8.4
5.8.5

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

introduced_range 
"cc4ac5c4b8133f435438bb322457eef7a8a642cf:fe7d7c571b6c8d446cf66a1cf27d335d98f5f945"
fixed_range 
"0a5db6808e859e88aae739e277d1647e05a4f4c6:024c649c36bbe1d5ba4b306de53102cec4096734"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kamailio/OSV-2024-1249.yaml"