CVE-2023-28099 Information

Description

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6 if ds_is_in_list() is used with an invalid IP address string (NULL is illegal input) OpenSIPS will attempt to print a string from a random address (stack garbage) which could lead to a crash. All users of ds_is_in_list() without the $si variable as 1st parameter could be affected by this vulnerability to a larger lesser or no extent at all depending if the data passed to the function is a valid IPv4 or IPv6 address string or not. Fixes will are available starting with the 3.1.9 and 3.2.6 minor releases. There are no known workarounds.

Reference

https://github.com/OpenSIPS/opensips/commit/e2f13d374 https://github.com/OpenSIPS/opensips/security/advisories/GHSA-pfm5-6vhv-3ff3 https://github.com/OpenSIPS/opensips/issues/2780