{"id":"CVE-2022-24754","summary":"Buffer overflow in pjsip","details":"PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and earlier contain a stack buffer overflow vulnerability that affects only PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`). This issue has been patched in the master branch of the PJSIP repository and the fix will be included in the next release. Users unable to upgrade need to check that the hashed digest data length is equal to `PJSIP_MD5STRLEN` before passing it to PJSIP.","aliases":["GHSA-73f7-48m9-w662"],"modified":"2026-04-02T07:50:42.710361Z","published":"2022-03-11T00:00:00Z","database_specific":{"cwe_ids":["CWE-120"],"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/24xxx/CVE-2022-24754.json"},"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00030.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/24xxx/CVE-2022-24754.json"},{"type":"ADVISORY","url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-73f7-48m9-w662"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24754"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202210-37"},{"type":"FIX","url":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pjsip/pjproject","events":[{"introduced":"0"},{"fixed":"d27f79da11df7bc8bb56c2f291d71e54df8d2c47"}]}],"versions":["0.3-pre","0.5.0-before-conf","0.5.0.1","0.5.10","0.5.10.1","0.5.10.2","0.5.10.3","0.5.10.4","0.5.2","0.5.3","0.5.4","0.5.5.1","0.5.6","0.5.6.1"
,"0.5.7","0.5.8","0.5.9","0.7.0","0.7.0-rc1","0.8.0","0.9.0","1.0","1.0-rc1","1.0-rc2","1.0-rc3","1.0-rc4","1.0.1","1.0.2","1.0.3","1.1","1.10","1.12","1.14","1.14.2","1.16","1.2","1.3","1.4","1.4.5","1.5","1.5.5","1.6","1.7","1.8","1.8.10","1.8.5","2.0","2.0-alpha","2.0-alpha2","2.0-beta","2.0-rc","2.0.1","2.1","2.10","2.11","2.11.1","2.12","2.12.1","2.2","2.2.1","2.3","2.4","2.4.5","2.5","2.5.1","2.5.5","2.6","2.7","2.7.1","2.7.2","2.8","2.9"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","id":"CVE-2022-24754-09e9e58a","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Line","target":{"file":"pjsip/src/pjsip/sip_auth_aka.c"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-31dd1a54","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Line","target":{"file":"pjsip/include/pjsip/sip_auth.h"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-527d3e78","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Function","target":{"file":"pjsip/src/pjsip/sip_auth_client.c","function":"pjsip_auth_create_digest"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-5d771c3b","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Function","target":{"file":"pjsip/src/pjsip/sip_auth_server.c","function":"pjsip_auth_verify"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-6d998651","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Function","target":{"file":"pjsip/src/pjsip/sip_auth_client.c","function":"pjsip_auth_create_digestSHA256"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-96ea7ec0","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Function","target":{"file":"pjsip/src/pjsua-lib/pjsua_core.c","function":"pjsua_init_tpselector"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-d4df6836","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Line","target":{"file":"pjsip/src/pjsua-lib/pjsua_core.c"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-e0dc2a3b","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Line","target":{"file":"pjsip/src/pjsip/sip_auth_server.c"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-e8a4ac96","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Function","target":{"file":"pjsip/src/pjsip/sip_auth_aka.c","function":"pjsip_auth_create_aka_response"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-efd2039e","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Function","target":{"file":"pjsip/src/pjsip/sip_auth_client.c","function":"respond_digest"},"deprecated":false},{"signature_version":"v1","id":"CVE-2022-24754-f4c3e16a","source":"https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47","signature_type":"Line","target":{"file":"pjsip/src/pjsip/sip_auth_client.c"},"deprecated":false}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24754.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}