FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- An unsuspecting user could crash Asterisk with multiple hold/unhold requests

Affected packages
16.16.0 <= asterisk16 < 16.16.1
18.2.0 <= asterisk18 < 18.2.1


VuXML ID ca21f5e7-7228-11eb-8386-001999f8d30b
Discovery 2021-02-11
Entry 2021-02-18

The Asterisk project reports:

Due to a signedness comparison mismatch, an authenticated WebRTC client could cause a stack overflow and Asterisk crash by sending multiple hold/unhold requests in quick succession.


CVE Name CVE-2021-26714