Allele Security Alert
ASA-2019-00540
Identifier(s)
ASA-2019-00540, CVE-2019-15297, AST-2019-004
Title
Crash when negotiating for T.38 with a declined stream
Vendor(s)
Digium, Inc
Product(s)
Asterisk Open Source
Affected version(s)
Asterisk Open Source 15.x before version 15.7.4
Asterisk Open Source 16.x before version 16.5.1
Fixed version(s)
Asterisk Open Source 15.x version 15.7.4
Asterisk Open Source 16.x version 16.5.1
Proof of concept
Unknown
Description
When Asterisk sends a re-invite initiating T.38 faxing and the endpoint responds with a declined media stream, Asterisk crashes.
Technical details
Unknown
Credits
Alexei Gradinari
Reference(s)
AST-2019-004: Crash when negotiating for T.38 with a declined stream
https://downloads.asterisk.org/pub/security/AST-2019-004.html
AST-2019-004: Crash when negotiating for T.38 with a declined stream
http://downloads.digium.com/pub/security/AST-2019-004.pdf
AST-2019-004: Crash when negotiating for T.38 with a declined stream
https://seclists.org/fulldisclosure/2019/Sep/8
200 OK with SDP answer with declined stream causes crash
https://issues.asterisk.org/jira/browse/ASTERISK-28495
[PATCH] AST-2019-004 – res_pjsip_t38.c: Add NULL checks before using session media
https://downloads.asterisk.org/pub/security/AST-2019-004-15.diff
[PATCH] AST-2019-004 – res_pjsip_t38.c: Add NULL checks before using session media
https://downloads.asterisk.org/pub/security/AST-2019-004-16.diff
CVE-2019-15297
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15297
CVE-2019-15297
https://nvd.nist.gov/vuln/detail/CVE-2019-15297
Last modified: September 19, 2019