Red Hat Bugzilla – Bug 1304670
CVE-2016-2316 asterisk: File descriptor exhaustion in chan_sip (AST-2016-002)
Last modified: 2016-02-17 09:21:10 EST
It was reported that setting the sip.conf timert1 value higher than 1245 can cause an integer overflow and result in very large retransmit timeouts. While those retransmissions are pending, the associated system file descriptors are held open, so a large enough number of them can cause the system to run out of file descriptors.
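As an added example, not code from Asterisk or from this bug report, the following script audits a sip.conf for the setting the advisory describes: it parses the INI-style file (';' comments, a [general] section, both assumed to follow the usual Asterisk layout), reads timert1 (milliseconds, defaulting to 500 when unset, which is the RFC 3261 default T1 and is assumed here for chan_sip), flags anything above the 1245 threshold stated on this page, and reports the RFC 3261 Timer B (64 x T1) so an administrator can see how long a single transaction can legitimately hold its descriptor even before the overflow is considered. The exact expression that overflows inside chan_sip is not given in the report, so the script does not try to model it.

```python
"""Audit an Asterisk sip.conf for the timert1 value flagged in AST-2016-002.

Added example for this bug report; not code from the Asterisk project.
Assumptions: sip.conf is INI-style with ';' comments, timert1 lives in
[general] and is expressed in milliseconds, and 500 ms is the default.
"""
import configparser

# Threshold from the advisory text: values above this are unsafe on an
# unpatched chan_sip (milliseconds).
MAX_SAFE_TIMERT1_MS = 1245
# Assumed default T1 (RFC 3261 default; chan_sip uses the same value).
DEFAULT_TIMERT1_MS = 500

# Constructed sample configurations, not taken from any real deployment.
SAFE_CONF = """
[general]
context=default
; T1 left at the default
timert1=500
"""

UNSAFE_CONF = """
[general]
context=default
timert1=2000   ; above the advisory threshold on an unpatched chan_sip
"""


def parse_sip_conf(text):
    """Parse sip.conf text.

    ';' starts a comment (inline too), '#include' lines are skipped,
    duplicate keys (common in sip.conf, e.g. repeated 'allow=') are
    tolerated, and '%' in values is left alone.
    """
    cp = configparser.ConfigParser(
        comment_prefixes=(";", "#"),
        inline_comment_prefixes=(";",),
        delimiters=("=",),
        strict=False,
        interpolation=None,
    )
    cp.read_string(text)
    return cp


def timert1_ms(cp):
    """Return the effective timert1 in ms (default when unset)."""
    raw = cp.get("general", "timert1", fallback=None)
    if raw is None:
        return DEFAULT_TIMERT1_MS
    return int(raw.strip())


def rfc3261_timer_b_ms(t1_ms):
    """RFC 3261 Timer B (INVITE transaction timeout) is 64 * T1."""
    return 64 * t1_ms


def audit(text):
    """Return the effective T1, the derived Timer B, and a vulnerable flag."""
    t1 = timert1_ms(parse_sip_conf(text))
    return {
        "timert1_ms": t1,
        "timer_b_ms": rfc3261_timer_b_ms(t1),
        "vulnerable": t1 > MAX_SAFE_TIMERT1_MS,
    }


if __name__ == "__main__":
    for name, conf in (("safe", SAFE_CONF), ("unsafe", UNSAFE_CONF)):
        print(name, audit(conf))
```

To check a live system, read the file instead of the constructed samples (`audit(open("/etc/asterisk/sip.conf").read())`); a `vulnerable: True` result on a host running a release earlier than 13.7.1 means the setting should be lowered until the update is applied.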
Created asterisk tracking bugs for this issue:
Affects: fedora-all [bug 1304671]
Affects: epel-6 [bug 1304672]
I've updated Rawhide to upstream release 13.7.1, which corrects this issue (as well as two other reported security issues).
Once the build finishes in Rawhide, I'll push to f23 and f22 for testing as well.
CVE assignment information from upstream:
asterisk-13.7.1-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
asterisk-13.7.1-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.