Candidate: CVE-2019-13161
PublicDate: 2019-07-12 20:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13161
 http://downloads.digium.com/pub/security/AST-2019-003.html
 https://issues.asterisk.org/jira/browse/ASTERISK-28465
Description:
 An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and
 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk
 through 13.21-cert3. A pointer dereference in chan_sip while handling SDP
 negotiation allows an attacker to crash Asterisk when handling an SDP
 answer to an outgoing T.38 re-invite. To exploit this vulnerability an
 attacker must cause the chan_sip module to send a T.38 re-invite request to
 them. Upon receipt, the attacker must send an SDP answer containing both a
 T.38 UDPTL stream and another media stream containing only a codec (which
 is not permitted according to the chan_sip configuration).
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931981
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H [5.3 MEDIUM]


Patches_asterisk:
upstream_asterisk: released (1:16.2.1~dfsg-2)
precise/esm_asterisk: DNE
trusty_asterisk: ignored (out of standard support)
trusty/esm_asterisk: DNE
xenial_asterisk: ignored (end of standard support, was needed)
bionic_asterisk: needed
cosmic_asterisk: ignored (reached end-of-life)
disco_asterisk: ignored (reached end-of-life)
eoan_asterisk: not-affected (1:16.2.1~dfsg-2build2)
focal_asterisk: not-affected (1:16.2.1~dfsg-2build2)
groovy_asterisk: not-affected (1:16.2.1~dfsg-2build2)
hirsute_asterisk: not-affected (1:16.2.1~dfsg-2build2)
impish_asterisk: not-affected (1:16.2.1~dfsg-2build2)
jammy_asterisk: not-affected (1:16.2.1~dfsg-2build2)
devel_asterisk: not-affected (1:16.2.1~dfsg-2build2)