Pjproject
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and earlier, pjsip_auth_create_digest2() contains a stack buffer overflow when pre-computed digest credentials (PJSIP_CRED_DATA_DIGEST) are used. The function copies the credential data using cred_info->data.slen as the length without an upper-bound check, which can overflow the fixed-size ha1 stack buffer (128 bytes) if data.slen exceeds the expected digest string length.
A heap buffer overflow in PJSIP 2.16 and earlier allows local attackers, with user interaction, to execute arbitrary code or crash the application via maliciously crafted Opus audio frames. The vulnerability stems from undersized FEC decode buffers (960 bytes at 8 kHz mono) that receive up to 1280 bytes of encoded data without bounds checking during Opus codec decoding. It is rated CVSS 8.5, and a fix is available as a public GitHub commit. This is a high-impact memory corruption vulnerability in a widely deployed VoIP library, though exploitation requires local access and user interaction (AV:L/UI:P), which limits remote attack scenarios.