Back to search
CVE-2021-26713
Published: Feb 19, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession. This is caused by a signedness comparison mismatch.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://downloads.asterisk.org/pub/security/
x_refsource_MISC
https://downloads.asterisk.org/pub/security/AST-2021-004.html
x_refsource_MISC
https://issues.asterisk.org/jira/browse/ASTERISK-29205
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now