A denial of service (asterisk crash) was found in the way the Session Initiation Protocol (SIP) channel implementation (SIP driver) of Asterisk, an open-source telephony toolkit, processed certain SIP UPDATE requests when the 'trustrpid' option was enabled. A remote attacker able to properly time the arrival of the SIP UPDATE request, so that it comes within the interval after the call was terminated and the associated channel object destroyed, but before the SIP dialog associated with the call was destroyed, could use this flaw to crash the asterisk executable.

Upstream advisory: http://downloads.asterisk.org/pub/security/AST-2012-006.html
Upstream patch (against the v1.8 branch): http://downloads.asterisk.org/pub/security/AST-2012-006-1.8.diff
Upstream patch (against the v1.10 branch): http://downloads.asterisk.org/pub/security/AST-2012-006-1.8.diff
Upstream ticket: https://issues.asterisk.org/jira/browse/ASTERISK-19770
CVE assignment: http://www.openwall.com/lists/oss-security/2012/04/23/5
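The object-lifetime window the report describes, modelled as an added illustration that is not Asterisk's code: the struct names, the assumption that the dialog keeps a channel pointer that becomes NULL once the channel is destroyed, and the 481 response are all choices made here for the model.

```c
#include <stdlib.h>
#include <string.h>

/* Simplified models for the illustration (not Asterisk's real structures). */
struct channel { char callerid[64]; };

struct sip_pvt {                 /* one SIP dialog */
    struct channel *owner;       /* channel for the call; NULL once it is destroyed */
    int trustrpid;               /* the 'trustrpid' option from the report */
};

enum { RESP_200_OK = 200, RESP_481_NO_TRANSACTION = 481 };

static struct sip_pvt *new_dialog(int trustrpid) {
    struct sip_pvt *p = calloc(1, sizeof *p);
    p->owner = calloc(1, sizeof *p->owner);
    p->trustrpid = trustrpid;
    return p;
}

/* Call termination: the channel object goes away, but the dialog lingers
 * until it is destroyed on its own. That gap is the window in the report. */
static void hangup_channel(struct sip_pvt *p) {
    free(p->owner);
    p->owner = NULL;
}

static void destroy_dialog(struct sip_pvt *p) {
    free(p->owner);
    free(p);
}

/* UPDATE handling with an explicit owner check: Remote-Party-ID is applied
 * only while a channel still exists. A handler that dereferenced p->owner
 * unconditionally on a trustrpid-enabled dialog inside the window would
 * dereference NULL here, which is the crash the report describes. */
static int handle_update(struct sip_pvt *p, const char *rpid) {
    if (!p->trustrpid)
        return RESP_200_OK;              /* RPID not trusted: owner untouched */
    if (!p->owner)
        return RESP_481_NO_TRANSACTION;  /* channel already gone: reject */
    strncpy(p->owner->callerid, rpid, sizeof p->owner->callerid - 1);
    return RESP_200_OK;
}

/* Drive the sequence from the report and return the response code the
 * late UPDATE receives; the process must survive either way. */
static int update_after_hangup(int trustrpid) {
    struct sip_pvt *p = new_dialog(trustrpid);
    handle_update(p, "live-call-rpid");  /* live call: applied normally */
    hangup_channel(p);                   /* channel destroyed, dialog lingers */
    int code = handle_update(p, "late-rpid");
    destroy_dialog(p);
    return code;
}
```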
This issue affects the versions of the asterisk package, as shipped with Fedora releases 15 and 16. Please schedule an update.

--

This issue affects the version of the asterisk package, as shipped with Fedora EPEL 6. Please schedule an update.
Created asterisk tracking bugs for this issue
Affects: fedora-all [bug 815777]
Affects: epel-6 [bug 815778]
asterisk-1.8.11.1-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
asterisk-1.8.11.1-1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
asterisk-10.3.1-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
asterisk-1.8.11.1-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.