CVE-2018-7284: Buffer Overflow
First published: Thu Feb 22 2018(Updated: )
A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/asterisk | 1:16.2.1~dfsg-1+deb10u2 1:16.28.0~dfsg-0+deb10u3 1:16.28.0~dfsg-0+deb11u3 1:20.4.0~dfsg+~cs6.13.40431414-2 | |
| debian/asterisk | <=1:13.14.1~dfsg-1<=1:13.18.5~dfsg-1 | 1:13.20.0~dfsg-1 1:13.14.1~dfsg-2+deb9u4 |
| Asterisk | <=13.19.1 | |
| Asterisk | >=14.0.0<=14.7.5 | |
| Asterisk | >=15.0.0<=15.2.1 | |
| Digium Asterisk Appliance Developer Kit | =13.18-cert1 | |
| Digium Asterisk Appliance Developer Kit | =13.18-cert2 | |
| Digium Asterisk Appliance Developer Kit | <=13.18 | |
| Debian | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://downloads.asterisk.org/pub/security/AST-2018-004.html
- https://issues.asterisk.org/jira/browse/ASTERISK-27640
- http://downloads.asterisk.org/pub/security/AST-2018-004-13.diff
- https://security-tracker.debian.org/tracker/CVE-2018-7284
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284
- https://security-tracker.debian.org/tracker/CVE-2018-7285
- https://security-tracker.debian.org/tracker/CVE-2018-7286
- https://security-tracker.debian.org/tracker/CVE-2018-7287
- http://tzafrir.org.il
- https://security-tracker.debian.org/tracker/CVE-2018-12227
- https://security-tracker.debian.org/tracker/CVE-2018-17281
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891227
- http://www.securityfocus.com/bid/103151
- http://www.securitytracker.com/id/1040416
- https://www.debian.org/security/2018/dsa-4320
- https://www.exploit-db.com/exploits/44184/
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2018-7284.
What is the severity of CVE-2018-7284?
The severity of CVE-2018-7284 is high.
Which software versions are affected by CVE-2018-7284?
Asterisk versions through 13.19.1, 14.x through 14.7.5, 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2 are affected by CVE-2018-7284.
How can I fix CVE-2018-7284?
To fix CVE-2018-7284, it is recommended to update to the appropriate patched versions of Asterisk or Certified Asterisk as mentioned in the references.
Where can I find more information about CVE-2018-7284?
More information about CVE-2018-7284 can be found in the references provided: http://downloads.asterisk.org/pub/security/AST-2018-004.html, http://www.securityfocus.com/bid/103151, http://www.securitytracker.com/id/1040416.
- collector/security-tracker-debian
- collector/debian-bugs
- alias/CVE-2018-7284
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/digium
- canonical/asterisk
- version/asterisk/13.19.1
- version/asterisk/14.0.0
- version/asterisk/14.7.5
- version/asterisk/15.0.0
- version/asterisk/15.2.1
- canonical/digium asterisk appliance developer kit
- version/digium asterisk appliance developer kit/13.18-cert1
- version/digium asterisk appliance developer kit/13.18-cert2
- version/digium asterisk appliance developer kit/13.18
- vendor/debian
- canonical/debian
- version/debian/9.0