CVE-2021-37706

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.

• How can I get the fixes?
• What do statuses mean?

References

• MITRE
• NVD
• Launchpad
• Debian

Related Ubuntu Security Notices (USN)

• USN-6422-1
• Ring vulnerabilities
• 9 October 2023
• USN-6422-2
• Ring vulnerabilities
• 24 October 2023

Other references

• https://github.com/pjsip/pjproject/security/advisories/GHSA-2qpg-f6wf-w984
• https://github.com/pjsip/pjproject/commit/15663e3f37091069b8c98a7fce680dc04bc8e865
• https://www.cve.org/CVERecord?id=CVE-2021-37706