Red Hat Bugzilla – Bug 832625
CVE-2012-3553 asterisk: skinny channel driver remote crash vulnerability
Last modified: 2015-07-29 09:02:39 EDT
AST-2012-008 previously dealt with a denial of service attack exploitable in the Skinny channel driver that occurred when certain messages are sent after a previously registered station sends an Off Hook message. Unresolved in that patch is an issue in the Asterisk 10 releases, wherein, if a Station Key Pad Button Message is processed after an Off Hook message, the channel driver will inappropriately dereference a Null pointer.
Similar to AST-2012-008, a remote attacker with a valid SCCP ID can can use this vulnerability by closing a connection to the Asterisk server when a station is in the "Off Hook" call state and crash the server.
This only affects version 10, and is fixed in 10.5.1.
Created asterisk tracking bugs for this issue
Affects: fedora-17 [bug 832626]
asterisk-10.5.1-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.