Bug#1112470: asterisk: CVE-2025-57767
Salvatore Bonaccorso
carnil at debian.org
Fri Aug 29 20:12:53 BST 2025
Source: asterisk
Version: 1:22.5.1~dfsg+~cs6.15.60671435-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerability was published for asterisk.
CVE-2025-57767[0]:
| Asterisk is an open source private branch exchange and telephony
| toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP
| request is received with an Authorization header that contains a
| realm that wasn't in a previous 401 response's WWW-Authenticate
| header, or an Authorization header with an incorrect realm was
| received without a previous 401 response being sent, the
| get_authorization_header() function in
| res_pjsip_authenticator_digest will return a NULL. This wasn't being
| checked before attempting to get the digest algorithm from the
| header which causes a SEGV. This issue has been patched in versions
| 20.15.2, 21.10.2, and 22.5.2. There are no workarounds.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-57767
https://www.cve.org/CVERecord?id=CVE-2025-57767
[1] https://github.com/asterisk/asterisk/security/advisories/GHSA-64qc-9x89-rx5j
[2] https://github.com/asterisk/asterisk/pull/1407
[3] https://github.com/asterisk/asterisk/commit/02993717b08f899d4aca9888062f35dfb198584f
Regards,
Salvatore
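A constructed C model of the failure mode described in the quoted advisory, added here as an illustration and not Asterisk's own code (struct, function and realm names are assumptions): the realm lookup returns NULL when no Authorization header matches a realm from the earlier 401 challenge, or when no 401 was sent at all; the pre-fix caller dereferences that result unconditionally, while the post-fix caller reports it as an authentication failure.

```c
#include <stddef.h>
#include <string.h>

/* Constructed model of the lookup described in the advisory; this is not
 * Asterisk's own code. A SIP request may carry several Authorization
 * headers; the server matches them against the realms it challenged for in
 * its earlier 401. If no header carries a challenged realm, or no 401 was
 * ever sent (zero challenged realms), there is nothing to match. */
struct auth_header {
    const char *realm;
    const char *algorithm;   /* digest algorithm parameter, e.g. "MD5" */
};

/* Returns the first Authorization header whose realm was challenged, else NULL. */
static const struct auth_header *find_authorization_header(
    const struct auth_header *hdrs, size_t nhdrs,
    const char *const *challenged, size_t nchallenged)
{
    for (size_t i = 0; i < nhdrs; i++) {
        for (size_t j = 0; j < nchallenged; j++) {
            if (strcmp(hdrs[i].realm, challenged[j]) == 0) {
                return &hdrs[i];
            }
        }
    }
    return NULL;
}

/* Pre-fix pattern: the lookup result is dereferenced unconditionally, so an
 * unmatched realm (NULL) crashes the process with a SEGV. */
static const char *digest_algorithm_unchecked(const struct auth_header *h)
{
    return h->algorithm;
}

/* Post-fix pattern: NULL means "no usable credentials"; hand that back to the
 * caller, which should fail authentication instead of dereferencing. */
static const char *digest_algorithm_checked(const struct auth_header *h)
{
    return h ? h->algorithm : NULL;
}

/* Constructed sample traffic: the server challenged for exactly one realm. */
static const char *const CHALLENGED_REALMS[] = { "pbx.example" };
static const struct auth_header REQUEST_GOOD[]  = { { "pbx.example", "MD5" } };
static const struct auth_header REQUEST_WRONG[] = { { "other.invalid", "MD5" } };
```

Passing a challenged-realm count of zero models the "no previous 401 response" case from the advisory; both unmatched cases yield NULL, which only the checked variant survives.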