FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- Crash when negotiating T.38 with a zero port

Affected packages
asterisk16 < 16.16.2
asterisk18 < 18.2.2

Details

VuXML ID 9e8f0766-7d21-11eb-a2be-001999f8d30b
Discovery 2021-02-20
Entry 2021-03-04

The Asterisk project reports:

When Asterisk sends a re-invite initiating T.38 faxing and the endpoint responds with a m=image line and zero port, a crash will occur in Asterisk. This is a reoccurrence of AST-2019-004.

References

CVE Name CVE-2019-15297
URL https://downloads.asterisk.org/pub/security/AST-2021-006.html