USN-4240-1

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/notices/USN-4240-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4240-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4240-1
Upstream
Related
Published
2020-01-16T18:31:14.102502Z
Modified
2025-10-13T04:35:02Z
Summary
kamailio vulnerability
Details

It was discovered that Kamailio incorrectly handled a specially crafted file. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

References

Affected packages

Ubuntu:16.04:LTS / kamailio

Package

Name
kamailio
Purl
pkg:deb/ubuntu/kamailio@4.3.4-1.1ubuntu2.1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.3.4-1.1ubuntu2.1

Affected versions

4.*

4.3.1-2ubuntu1
4.3.4-1.1ubuntu1
4.3.4-1.1ubuntu2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-autheph-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-berkeley-bin"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-berkeley-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-carrierroute-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-cnxcc-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-cpl-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-dnssec-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-erlang-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-extra-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-geoip-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-ims-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-java-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-json-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-kazoo-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-ldap-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-lua-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-memcached-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-mono-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-mysql-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-outbound-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-perl-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-postgres-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-presence-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-purple-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-python-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-radius-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-redis-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-sctp-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-snmpstats-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-sqlite-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-tls-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-unixodbc-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-utils-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-websocket-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-xml-modules"
        },
        {
            "binary_version": "4.3.4-1.1ubuntu2.1",
            "binary_name": "kamailio-xmpp-modules"
        }
    ],
    "availability": "No subscription required"
}

Database specific

cves_map

{
    "cves": [
        {
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "high"
                }
            ],
            "id": "CVE-2018-8828"
        }
    ],
    "ecosystem": "Ubuntu:16.04:LTS"
}