Vulnerability Description
PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions, if an incoming STUN message contains an ERROR-CODE attribute, the attribute header length is not checked before a subtraction is performed on it, potentially resulting in an integer underflow. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Teluu | Pjsip | <= 2.11.1 |
| Asterisk | Certified Asterisk | < 16.8.0 |
| Sangoma | Asterisk | >= 16.0.0, < 16.24.1 |
| Debian | Debian Linux | 9.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-A (Third Party Advisory, VDB Entry)
- http://seclists.org/fulldisclosure/2022/Mar/0 (Mailing List, Patch, Third Party Advisory)
- https://github.com/pjsip/pjproject/commit/15663e3f37091069b8c98a7fce680dc04bc8e8 (Patch, Third Party Advisory)
- https://github.com/pjsip/pjproject/security/advisories/GHSA-2qpg-f6wf-w984 (Patch, Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html (Mailing List, Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html (Mailing List, Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
- https://security.gentoo.org/glsa/202210-37 (Third Party Advisory)
- https://www.debian.org/security/2022/dsa-5285 (Third Party Advisory)
FAQ
What is CVE-2021-37706?
CVE-2021-37706 is a vulnerability with a CVSS score of 7.3 (HIGH). PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the inc...
How severe is CVE-2021-37706?
CVE-2021-37706 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2021-37706?
Check the references section above for vendor advisories and patch information. Affected products include: Teluu Pjsip, Asterisk Certified Asterisk, Sangoma Asterisk, Debian Debian Linux.