CVE-2021-43302
Description
Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled filename argument may cause an out-of-bounds read when the filename is shorter than 4 characters.
Risk Information
Base Score
9.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
0.386
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| asterisk security update(DSA-5285-1) asterisk_16.28.0~dfsg-0+deb11u1_amd64.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) jami_20230206.0~ds1-5ubuntu0.1_amd64.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) jami_20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1_amd64.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) ring_20180228.1.503da2b~ds1-1build1_i386.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) ring_20180228.1.503da2b~ds1-1build1_amd64.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) ring_20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1_all.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) jami-daemon_20230206.0~ds1-5ubuntu0.1_amd64.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) jami-daemon_20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1_amd64.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) ring-daemon_20180228.1.503da2b~ds1-1build1_i386.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) ring-daemon_20180228.1.503da2b~ds1-1build1_amd64.deb | Linux |
| Secure and distributed voice, video, and chat platform (USN-6422-1) ring-daemon_20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1_all.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234