Enviar #673225: Kamailio Project Kamailio SIP Server 5.5 Use After Freeinformación

TítuloKamailio Project Kamailio SIP Server 5.5 Use After Free
Descripción Kamailio v5.5 contains a heap use-after-free in configuration include handling. Malicious or malformed configuration files that exercise `import` / `include` handling can cause Kamailio to read freed memory while parsing configuration (`sr_push_yy_state` / `cfg.lex`), resulting in process crash at startup (Denial of Service) and potential memory-corruption that could be leveraged further.
Fuente⚠️ https://shimo.im/docs/ZzkLMVMLOzIRlpAQ/
Usuario
 zh_vul (UID 91488)
Sumisión2025-10-11 10:29 (hace 9 meses)
Moderación2025-10-25 13:52 (14 days later)
EstadoAceptado
Entrada de VulDB329875 [Kamailio 5.5 Configuration File src/core/cfg.lex sr_push_yy_state desbordamiento de búfer]
Puntos20

AnteriorVisión De ConjuntoPróximo

Do you need the next level of professionalism?

Upgrade your account now!