PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP version 2.10 and earlier, after an initial INVITE has been sent, when two 183 responses are received, with the first one causing negotiation failure, a crash will occur. This results in a denial of service.
References
Link | Resource |
---|---|
https://github.com/pjsip/pjproject/commit/97b3d7addbaa720b7ddb0af9bf6f3e443e664365 | Patch Third Party Advisory |
https://github.com/pjsip/pjproject/security/advisories/GHSA-hvq6-f89p-frvp | Exploit Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/04/msg00023.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/05/msg00020.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202107-42 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2021-03-10T22:30:25
Updated: 2021-07-20T10:06:12
Reserved: 2020-12-22T00:00:00
Link: CVE-2021-21375
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-10T23:15:12.520
Modified: 2022-10-21T22:40:21.120
Link: CVE-2021-21375
JSON object: View
Redhat Information
No data.