Bug 2255321 - asterisk: PJSIP logging allows attacker to inject fake Asterisk log entries
Keywords:
Status: NEW
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2255322 2255323
Blocks: 2254624
Reported: 2023-12-20 05:50 UTC by TEJ RATHI
Modified: 2023-12-20 09:51 UTC

Fixed In Version: asterisk 21.0.1, asterisk 18.20.1, asterisk 20.5.1, certified-asterisk 18.9-cert6
Clone Of:
Environment:
Last Closed:
Embargoed:


Description TEJ RATHI 2023-12-20 05:50:39 UTC
PJSIP logging allows attacker to inject fake Asterisk log entries. An attacker can send a fake Asterisk log entry on the PJSIP signaling port, resulting in the fake entry being logged as an invalid packet. Servers running fail2ban or similar against the Asterisk logs may then take inappropriate action based on the fake log entries.

https://github.com/asterisk/asterisk/security/advisories/GHSA-5743-x3p5-3rg7
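
A generic mitigation for the issue described above, added here as an example; it is not Asterisk's code or the fix shipped in the listed versions. It assumes the injected entry depends on line breaks inside the packet (the report does not state the mechanism); `log_escape`, `count_lines` and the sample packet are hypothetical names and constructed data.

```c
#include <stdio.h>
#include <string.h>

/* Escape untrusted packet bytes so that one packet yields one log line:
 * backslash is doubled, CR/LF and other non-printable bytes become \xNN.
 * Returns bytes written; output is cut at a whole escape if out is full. */
size_t log_escape(const unsigned char *in, size_t len, char *out, size_t outsz)
{
    size_t o = 0;
    if (outsz == 0)
        return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = in[i];
        char esc[5] = { (char)c, 0 };
        size_t n = 1;
        if (c == '\\')
            esc[n++] = '\\';
        else if (c < 0x20 || c >= 0x7f)
            n = (size_t)snprintf(esc, sizeof(esc), "\\x%02x", (unsigned)c);
        if (o + n >= outsz)
            break;
        memcpy(out + o, esc, n);
        o += n;
    }
    out[o] = '\0';
    return o;
}

/* Number of lines a line-oriented log reader would see in s. */
size_t count_lines(const char *s)
{
    size_t n = (*s != '\0');
    for (; *s; s++)
        n += (*s == '\n' && s[1] != '\0');
    return n;
}

/* Constructed sample: junk datagram with an embedded line break, followed by
 * placeholder text standing in for a forged entry (not a real log format). */
static const char SAMPLE_PACKET[] = "garbage\r\nFAKE-ENTRY host=203.0.113.7";

int main(void)
{
    char line[128];
    log_escape((const unsigned char *)SAMPLE_PACKET, sizeof(SAMPLE_PACKET) - 1,
               line, sizeof(line));
    printf("raw: %zu lines, escaped: %zu line: %s\n",
           count_lines(SAMPLE_PACKET), count_lines(line), line);
    return 0;
}
```

Logged raw, the sample reaches a line-based consumer such as fail2ban as two lines; escaped, it stays a single line in which the packet content is visibly data.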

Comment 1 TEJ RATHI 2023-12-20 05:52:42 UTC
Created asterisk tracking bugs for this issue:

Affects: epel-all [bug 2255322]
Affects: fedora-all [bug 2255323]

