FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- Remote crash vulnerability with SDP protocol violation

Affected packages
asterisk15 < 15.7.2
asterisk16 < 16.2.1

Details

VuXML ID be0e3817-3bfe-11e9-9cd6-001999f8d30b
Discovery 2019-01-24
Entry 2019-03-01

The Asterisk project reports:

When Asterisk makes an outgoing call, a very specific SDP protocol violation by the remote party can cause Asterisk to crash.

References

CVE Name CVE-2019-7251
URL https://downloads.asterisk.org/pub/security/AST-2019-001.html