{"id":"CVE-2021-46837","details":"res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrence of the CVE-2019-15297 symptoms but not for exactly the same reason. The crash occurs because there is an append operation relative to the active topology, but this should instead be a replace operation.","modified":"2026-04-10T04:40:38.211407Z","published":"2022-08-30T07:15:07.417Z","references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5285"},{"type":"ADVISORY","url":"https://downloads.asterisk.org/pub/security/AST-2021-006.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/asterisk/asterisk","events":[{"introduced":"0"},{"last_affected":"d436f568583184a13aa46349af5a3f0907087b44"},{"introduced":"a65908f83e2f17a3aca7eb39c8e06045aca02674"},{"fixed":"e483670754ae41e94c571fb497004779c8c81fb2"},{"introduced":"5ffe12b6ef30cd503f85d75745fd8d9c2cfafe47"},{"fixed":"f1efd037a1fd0260d41538f331af139e2677eafe"},{"introduced":"2c1bba3cbec008c8ce35c78a2c79f9f207ea58bc"},{"fixed":"29ed38ff2de4e7eca8ee622588a0edc7635d49cb"},{"introduced":"0"},{"last_affected":"847f753c4eda5891c4fe77dd7d0341381cb84975"},{"introduced":"0"},{"last_affected":"affbc6907eb544bc6e049085de91002ca24ff930"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"16.8.0-NA"},{"introduced":"16.0.0"},{"fixed":"16.16.2"},{"introduced":"17.0.0"},{"fixed":"17.9.3"},{"introduced":"18.0.0"},{"fixed":"18.2.2"},{"introduced":"0"},{"last_affected":"10.0"},{"introduced":"0"},{"last_affected":"11.0"}]}}],"versions":["10.0.0","10.0.0-rc1","10.0.0-rc2","10.0.0-rc3","11.0.0","11.0.0-rc1","11.0.0-rc2","16.16.0","16.16.0-rc1","16.16.1","16.8.0","16.8.0-rc1","16.8.0-rc2","17.9.0","17.9.0-rc1","17.9.1","17.9.2","18.2.0","18.2.0-rc1","18.2.1"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"16.8.0-cert1"}]},{"events":[{"introduced":"0"},{"last_affected":"16.8.0-cert2"}]},{"events":[{"introduced":"0"},{"last_affected":"16.8.0-cert3"}]},{"events":[{"introduced":"0"},{"last_affected":"16.8.0-cert4"}]},{"events":[{"introduced":"0"},{"last_affected":"16.8.0-cert5"}]},{"events":[{"introduced":"0"},{"last_affected":"16.8.0-cert6"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46837.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}