PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`). This issue has been patched in the master branch of the PJSIP repository and will be included with the next release. Users unable to upgrade need to check that the hashed digest data length must be equal to `PJSIP_MD5STRLEN` before passing to PJSIP.
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
| Link | Tags |
|---|---|
| https://github.com/pjsip/pjproject/security/advisories/GHSA-73f7-48m9-w662 | third party advisory patch |
| https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47 | third party advisory patch |
| https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html | third party advisory mailing list |
| https://security.gentoo.org/glsa/202210-37 | third party advisory vendor advisory |
| https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html | mailing list |