Asterisk was found to have a vulnerability where a 16-bit SMS message that contains an odd message length value will cause the message decoding loop to run forever. The message buffer is not on the stack but will be overflowed, resulting in corrupted memory and an immediate crash.

The issue is said to be fixed in Asterisk 1.8.24.1 and 11.6.1.

References:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732355
http://downloads.asterisk.org/pub/security/AST-2013-006.html

Patch:
1.8: http://downloads.asterisk.org/pub/security/AST-2013-006-1.8.diff
11: http://downloads.asterisk.org/pub/security/AST-2013-006-11.diff
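
The loop behaviour described in the report above, as an added example that is not part of the original report and is not Asterisk source code. It assumes a decoder that takes two bytes per pass and keeps the remaining length in an 8-bit counter; all function names, the sample bytes and the choice to reject odd lengths are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model (assumption, not Asterisk source): a decoder that takes
 * two bytes per pass and decrements an 8-bit length once per byte. Only the
 * counter is modelled; nothing is written. `cap` stops the demo. */
size_t unsafe_units_written(uint8_t len, size_t cap)
{
    size_t written = 0;
    while (len--) {                    /* first byte of the pair */
        int has_low = (len-- != 0);    /* second byte; odd input: 0 wraps to 255 */
        (void)has_low;
        if (++written >= cap)          /* a real decoder would store a unit here */
            break;
    }
    return written;
}

/* Hardened variant: validate before the loop. Returns units decoded, or -1
 * when the byte count is odd or the output buffer is too small. */
int decode_ucs2_checked(const uint8_t *in, size_t len, uint16_t *out, size_t out_cap)
{
    if (len % 2 != 0 || len / 2 > out_cap)
        return -1;
    for (size_t k = 0; k < len / 2; k++)
        out[k] = (uint16_t)((in[2 * k] << 8) | in[2 * k + 1]);
    return (int)(len / 2);
}

/* Constructed sample: "Hi" as big-endian 16-bit units plus one stray byte. */
static const uint8_t SAMPLE[] = { 0x00, 0x48, 0x00, 0x69, 0x00 };

int decode_sample(size_t len)          /* decode the first len bytes of SAMPLE */
{
    uint16_t out[4];
    return len <= sizeof SAMPLE ? decode_ucs2_checked(SAMPLE, len, out, 4) : -1;
}

int main(void)
{
    printf("unsafe model, len=4: %zu units\n", unsafe_units_written(4, 1000));
    printf("unsafe model, len=5: %zu units (cap hit)\n", unsafe_units_written(5, 1000));
    printf("checked, len=4: %d, len=5: %d\n", decode_sample(4), decode_sample(5));
    return 0;
}
```

With an odd length the modelled counter is only ever tested for zero while it holds an odd value, so it never terminates on its own; the checked variant bounds the loop by both the input length and the output capacity.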
Created asterisk tracking bugs for this issue:

Affects: fedora-all [bug 1043921]
Affects: epel-6 [bug 1043923]
asterisk-11.7.0-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
asterisk-11.7.0-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
asterisk-11.7.0-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.