Use after free in res_pjsip_pubsub.c may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time Asterisk is also performing activty on that subscription.
Created asterisk tracking bugs for this issue:
Affects: epel-8 [bug 2150944]
Affects: fedora-all [bug 2150945]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.