[3.6] kamailio: Security vulnerability in Kamailio core related to To header processing (CVE-2018-14767)
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message
with a double “To” header and an empty “To” tag causes
a segmentation fault and crash. The reason is missing input validation
in the “build_res_buf_from_sip_req” core function.
This could result in denial of service and potentially the execution of
arbitrary code.
References:
https://skalatan.de/blog/advisory-hw-2018-05
https://nvd.nist.gov/vuln/detail/CVE-2018-14767
(from redmine: issue id 9184, created on 2018-08-02, closed on 2018-09-20)
- Relations:
- copied_to #9180 (closed)
- parent #9180 (closed)
- Changesets:
- Revision c487afe0 on 2018-09-18T11:35:08Z:
main/kamailio: security fix (CVE-2018-14767)
Fixes #9184