1737365 – (CVE-2014-8415) CVE-2014-8415 asterisk: Race condition in the chan_pjsip channel driver leads to DoS

Bug 1737365 (CVE-2014-8415) - CVE-2014-8415 asterisk: Race condition in the chan_pjsip channel driver leads to DoS

Summary: CVE-2014-8415 asterisk: Race condition in the chan_pjsip channel driver leads...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2014-8415
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-08-05 08:42 UTC by Marian Rehak
Modified:	2021-10-27 10:47 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2021-10-27 10:47:31 UTC
Embargoed:

Attachments	(Terms of Use)

Description Marian Rehak 2019-08-05 08:42:00 UTC

Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a cancel request for a SIP session with a queued action to (1) answer a session or (2) send ringing.

Upstream Issue:

http://downloads.asterisk.org/pub/security/AST-2014-015.html

Note You need to log in before you can comment on or make changes to this bug.