AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data

               Asterisk Project Security Advisory - AST-2016-003

Product Asterisk
Summary Remote crash vulnerability when receiving UDPTL FAX
Nature of Advisory Denial of Service
Susceptibility Remote Authenticated Sessions
Severity Minor
Exploits Known Yes
Reported On December 2, 2015
Reported By Walter Dokes, Torrey Searle
Posted On February 3, 2016
Last Updated On February 3, 2016
Advisory Contact Richard Mudgett <rmudgett AT digium DOT com>
CVE Name Pending

Description If no UDPTL packets are lost there is no problem. However,
a lost packet causes Asterisk to use the available error
correcting redundancy packets. If those redundancy packets
have zero length then Asterisk uses an uninitialized buffer
pointer and length value which can cause invalid memory
accesses later when the packet is copied.

Resolution Upgrade to a released version with the fix incorporated or
apply patch.

Affected Versions
Product Release
Asterisk Open Source 1.8.x All versions
Asterisk Open Source 11.x All versions
Asterisk Open Source 12.x All versions
Asterisk Open Source 13.x All versions
Certified Asterisk 1.8.28 All versions
Certified Asterisk 11.6 All versions
Certified Asterisk 13.1 All versions

Corrected In
Product Release
Asterisk Open Source 11.21.1, 13.7.1
Certified Asterisk 11.6-cert12, 13.1-cert3

SVN URL Revision Certified
1.8.28 Certified
11.6 Certified
13.1 Asterisk
1.8 Asterisk
11 Asterisk
12 Asterisk


Asterisk Project Security Advisories are posted at

This document may be superseded by later versions; if so, the latest
version will be posted at and

Commenti (0) Trackback (0)

Spiacenti, il modulo dei commenti è chiuso per ora.

Ancora nessun trackback.