An issue exists in res_pjsip_t38.c in Sangoma Asterisk up to and including 13.x and Certified Asterisk up to and including 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
digium certified asterisk 13.21 |
||
digium asterisk |
||
debian debian linux 9.0 |