PRIOn knowledge basePRION:CVE-2021-43302

HistoryFeb 16, 2022 - 9:15 p.m.

Out-of-bounds

2022-02-1621:15:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.1%

JSON

Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled ‘filename’ argument may cause an out-of-bounds read when the filename is shorter than 4 characters.

CPENameOperatorVersion
debian_linuxeq9.0
debian_linuxeq10.0
debian_linuxeq11.0
pjsiple2.11.1

Name	Operator	Version
debian_linux	eq	9.0
debian_linux	eq	10.0
debian_linux	eq	11.0
pjsip	le	2.11.1

References

github.com/pjsip/pjproject/security/advisories/GHSA-qcvw-h34v-c7r9

lists.debian.org/debian-lts-announce/2022/03/msg00035.html

lists.debian.org/debian-lts-announce/2022/11/msg00021.html

lists.debian.org/debian-lts-announce/2023/08/msg00038.html

www.debian.org/security/2022/dsa-5285