{"id":"CVE-2022-21722","summary":"Potential out-of-bound read during RTP/RTCP parsing in PJSIP","details":"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects all users that use PJMEDIA and accept incoming RTP/RTCP. A patch is available as a commit in the `master` branch. There are no known workarounds.","aliases":["GHSA-m66q-q64c-hv36"],"modified":"2026-04-11T18:45:00.742536Z","published":"2022-01-27T00:00:00Z","database_specific":{"cwe_ids":["CWE-125"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/21xxx/CVE-2022-21722.json","cna_assigner":"GitHub_M"},"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00030.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/21xxx/CVE-2022-21722.json"},{"type":"ADVISORY","url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-m66q-q64c-hv36"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-21722"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202210-37"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5285"},{"type":"FIX","url":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pjsip/pjproject","events":[{"introduced":"0"},{"fixed":"22af44e68a0c7d190ac1e25075e1382f77e9397a"}]}],"versions":["2.10","2.11"],"database_specific":{"vanir_signatures":[{"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["47373750773676932995402742375667435409","336105816843371207288920481319281899075","41108848903122159761172769377039323225","279036465876967286929817339228715488775"],"threshold":0.9},"id":"CVE-2022-21722-23a627f8","target":{"file":"pjmedia/src/pjmedia/rtp.c"},"source":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","deprecated":false},{"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"204160321636726277846352359098732790872","length":768},"id":"CVE-2022-21722-39f6eca7","target":{"file":"pjmedia/src/pjmedia/rtcp_fb.c","function":"pjmedia_rtcp_fb_parse_nack"},"source":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","deprecated":false},{"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["132733674367057306218489032942194767793","197065539055419911514372794994483772741","336493860829647053370245182741508935925","949678916078161507574611626766125016","274416996499989123366290611975322738634","266928133760159141359414613799550046819","137516730110399975578995211486466334643","54236243896619813369775516977470093988","259626650259294823684418528449515920307","332698115436016349946517064397731487604","157269180575808452123977338225120035245","99921808916902487708972968486100241562","9188539270811743547904587440579793495","310029029127466266102514895539709014864","241257124347692658426528257247481118639","148888644317804323370416062540589802899","6058180929763430761766583398211409553","274065424795763260174401469600018406611"],"threshold":0.9},"id":"CVE-2022-21722-3e305a27","target":{"file":"pjmedia/src/pjmedia/rtcp.c"},"source":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","deprecated":false},{"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"217253897650671177967154799955706016949","length":3530},"id":"CVE-2022-21722-50e25a0c","target":{"file":"pjmedia/src/pjmedia/rtcp.c","function":"parse_rtcp_report"},"source":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","deprecated":false},{"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"86492311180379546190793097364491410584","length":983},"id":"CVE-2022-21722-75a873dd","target":{"file":"pjmedia/src/pjmedia/rtp.c","function":"pjmedia_rtp_decode_rtp2"},"source":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","deprecated":false},{"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"83592509060638160850256873572962384079","length":252},"id":"CVE-2022-21722-7cae7907","target":{"file":"pjmedia/src/pjmedia/rtcp_fb.c","function":"pjmedia_rtcp_fb_parse_pli"},"source":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","deprecated":false},{"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"209793210882971918773252956635717702902","length":718},"id":"CVE-2022-21722-922c270f","target":{"file":"pjmedia/src/pjmedia/rtcp.c","function":"pjmedia_rtcp_rx_rtcp"},"source":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","deprecated":false},{"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["169776533346970850884793066392180536281","148165074382543561729081030180022202839","97264480108296867183066344461584939808","235861480782050096680251310105409215892","60625714718452876487427797833566943449","199536807541940874780134447698669626353","51773062741230091335802978208927908354","131812912857677426174400325543442667522"],"threshold":0.9},"id":"CVE-2022-21722-fc702ec7","target":{"file":"pjmedia/src/pjmedia/rtcp_fb.c"},"source":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","deprecated":false}],"vanir_signatures_modified":"2026-04-11T18:45:00Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-21722.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}