Digium Asterisk Open Source up to 13.27.0/14.x/15.7.2/16.4.0 SDP chan_sip null pointer dereference

Summaryinfo

A vulnerability, which was classified as problematic, has been found in Digium Asterisk Open Source up to 13.27.0/14.x/15.7.2/16.4.0. The affected element is the function chan_sip of the component SDP Handler. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2019-13161. The attack may be initiated remotely. There is no available exploit.

Detailsinfo

A vulnerability has been found in Digium Asterisk Open Source up to 13.27.0/14.x/15.7.2/16.4.0 (Communications System) and classified as problematic. Affected by this vulnerability is the function chan_sip of the component SDP Handler. The manipulation with an unknown input leads to a null pointer dereference vulnerability. The CWE definition for the vulnerability is CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. As an impact it is known to affect availability. The summary by CVE is:

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.38 UDPTL stream and another media stream containing only a codec (which is not permitted according to the chan_sip configuration).

The weakness was presented 07/12/2019 (Website). It is possible to read the advisory at downloads.digium.com. This vulnerability is known as CVE-2019-13161 since 07/02/2019. The attack can be launched remotely. The successful exploitation needs a single authentication. Technical details of the vulnerability are known, but there is no available exploit.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Communications System

Vendor

• Digium

Name

• Asterisk Open Source

Version

• 13.0
• 13.1
• 13.2
• 13.3
• 13.4
• 13.5
• 13.6
• 13.7
• 13.8
• 13.9
• 13.10
• 13.11
• 13.12
• 13.13
• 13.14
• 13.15
• 13.16
• 13.17
• 13.18
• 13.19
• 13.20
• 13.21
• 13.22
• 13.23
• 13.24
• 13.25
• 13.26
• 13.27.0
• 14.x
• 15.7.0
• 15.7.1
• 15.7.2
• 16.0
• 16.1
• 16.2
• 16.3
• 16.4.0

License

• open-source

Website

• Vendor: https://www.digium.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion