CVE-2023-40019 : FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformati

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.10, FreeSWITCH allows authorized users to cause a denial of service attack by sending re-INVITE with SDP containing duplicate codec names. When a call in FreeSWITCH completes codec negotiation, the `codec_string` channel variable is set with the result of the negotiation. On a subsequent re-negotiation, if an SDP is offered that contains codecs with the same names but with different formats, there may be too many codec matches detected by FreeSWITCH leading to overflows of its internal arrays. By abusing this vulnerability, an attacker is able to corrupt stack of FreeSWITCH leading to an undefined behavior of the system or simply crash it. Version 1.10.10 contains a patch for this issue.

Published 2023-09-15 20:15:10

Updated 2023-09-21 18:04:05

Source GitHub, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2023-40019

Freeswitch » Freeswitch
Versions before (<) 1.10.10
cpe:2.3:a:freeswitch:freeswitch:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-40019

EPSS FAQ

0.23%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 45 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-40019

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	GitHub, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2023-40019

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

Assigned by: security-advisories@github.com (Primary)

References for CVE-2023-40019

https://github.com/signalwire/freeswitch/security/advisories/GHSA-gjj5-79p2-9g3q

FreeSWITCH allows authorized users to cause a denial of service attack by sending re-INVITE with SDP containing duplicate codec names · Advisory · signalwire/freeswitch · GitHub
Exploit;Vendor Advisory
https://github.com/signalwire/freeswitch/releases/tag/v1.10.10

Release FreeSWITCH v1.10.10 Release · signalwire/freeswitch · GitHub
Release Notes

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-40019

Products affected by CVE-2023-40019

Exploit prediction scoring system (EPSS) score for CVE-2023-40019

CVSS scores for CVE-2023-40019

CWE ids for CVE-2023-40019

References for CVE-2023-40019