PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A patch is available in the `master` branch of the `pjsip/pjproject` GitHub repository. There are currently no known workarounds.
References
Link | Resource |
---|---|
https://github.com/pjsip/pjproject/commit/11559e49e65bdf00922ad5ae28913ec6a198d508 | Patch Third Party Advisory |
https://github.com/pjsip/pjproject/security/advisories/GHSA-vhxv-phmx-g52q | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202210-37 | Third Party Advisory |
https://www.debian.org/security/2022/dsa-5285 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-04-06T00:00:00
Updated: 2022-11-18T00:00:00
Reserved: 2022-02-10T00:00:00
Link: CVE-2022-24786
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-06T14:15:07.980
Modified: 2023-02-02T18:30:33.413
Link: CVE-2022-24786
JSON object: View
Redhat Information
No data.