CVE-2022-47516

2022-12-1800:00:00

ubuntu.com

libsofia-sip

drachtio-server

denial of service

crafted udp message

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

65.5%

JSON

An issue was discovered in the libsofia-sip fork in drachtio-server before
0.8.20. It allows remote attackers to cause a denial of service (daemon
crash) via a crafted UDP message that leads to a failure of the
libsofia-sip-ua/tport/tport.c self assertion.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchsofia-sip< 1.12.11+20110422.1-2.1+deb10u3build0.18.04.1UNKNOWN
ubuntu20.04noarchsofia-sip< 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1UNKNOWN
ubuntu22.04noarchsofia-sip< 1.12.11+20110422.1-2.1+deb10u3ubuntu0.22.04.1UNKNOWN
ubuntu22.10noarchsofia-sip< 1.12.11+20110422.1+1e14eea~dfsg-3ubuntu0.1UNKNOWN
ubuntu23.04noarchsofia-sip< 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1UNKNOWN
ubuntu16.04noarchsofia-sip< 1.12.11+20110422.1-2.1+deb10u3ubuntu0.16.04.1~esm1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	sofia-sip	< 1.12.11+20110422.1-2.1+deb10u3build0.18.04.1	UNKNOWN
ubuntu	20.04	noarch	sofia-sip	< 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1	UNKNOWN
ubuntu	22.04	noarch	sofia-sip	< 1.12.11+20110422.1-2.1+deb10u3ubuntu0.22.04.1	UNKNOWN
ubuntu	22.10	noarch	sofia-sip	< 1.12.11+20110422.1+1e14eea~dfsg-3ubuntu0.1	UNKNOWN
ubuntu	23.04	noarch	sofia-sip	< 1.12.11+20110422.1+1e14eea~dfsg-4ubuntu1	UNKNOWN
ubuntu	16.04	noarch	sofia-sip	< 1.12.11+20110422.1-2.1+deb10u3ubuntu0.16.04.1~esm1	UNKNOWN