FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- Remote crash in res_pjsip_session

Affected packages
asterisk13 < 13.37.1
asterisk16 < 16.14.1
asterisk18 < 18.0.1

Details

VuXML ID 972fe546-1fb6-11eb-b9d4-001999f8d30b
Discovery 2020-11-05
Entry 2020-11-05

The Asterisk project reports:

Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending upon some off nominal circumstances, and timing it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects were de-referenced, or accessed next by the initial creation thread.

References

URL https://downloads.asterisk.org/pub/security/AST-2020-001.html