CVE-2023-38703 - OpenCVE

Vendors	Products
Teluu	Pjsip

Link	Resource
https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d	Patch
https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66	Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-38703", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-07-24T16:19:28.365Z", "datePublished": "2023-10-06T13:46:54.238Z", "dateUpdated": "2023-10-06T13:46:54.238Z"}, "containers": {"cna": {"title": "PJSIP has use-after-free vulnerability in SRTP media transport", "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "lang": "en", "description": "CWE-416: Use After Free", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66"}, {"name": "https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d", "tags": ["x_refsource_MISC"], "url": "https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html"}], "affected": [{"vendor": "pjsip", "product": "pjproject", "versions": [{"version": "<= 2.13.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-06T13:46:54.238Z"}, "descriptions": [{"lang": "en", "value": "PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability\u2019s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.\n"}], "source": {"advisory": "GHSA-f76w-fh7c-pc66", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*", "matchCriteriaId": "18445C5E-4DC0-4E50-8E25-1CE15925AAC1", "versionEndIncluding": "2.13.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability\u2019s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.\n"}, {"lang": "es", "value": "PJSIP es una librer\u00eda de comunicaci\u00f3n multimedia gratuita y de c\u00f3digo abierto escrita en C con API de alto nivel en los lenguajes C, C++, Java, C# y Python. SRTP es un transporte de medios de nivel superior que se apila sobre un transporte de medios de nivel inferior, como UDP e ICE. Actualmente, un transporte de nivel superior no est\u00e1 sincronizado con su transporte de nivel inferior, lo que puede introducir un problema de use-after-free. Esta vulnerabilidad afecta a las aplicaciones que tienen capacidad SRTP (`PJMEDIA_HAS_SRTP` est\u00e1 configurado) y utilizan transporte de medios subyacente distinto de UDP. El impacto de esta vulnerabilidad puede variar desde la terminaci\u00f3n inesperada de la aplicaci\u00f3n hasta el secuestro de flujo de control/corrupci\u00f3n de memoria. El parche est\u00e1 disponible como commit en la rama master."}], "id": "CVE-2023-38703", "lastModified": "2023-12-29T00:15:49.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-10-06T14:15:12.020", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66"}, {"source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "security-advisories@github.com", "type": "Primary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

JSON object

JSON object

JSON object