Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2019.3389
AST-2019-005: A vulnerability has been identified in Asterisk
6 September 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Asterisk
Publisher: Asterisk
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Impact/Access: Denial of Service -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2019-15639
Original Bulletin:
http://downloads.asterisk.org/pub/security/AST-2019-005.html
- --------------------------BEGIN INCLUDED TEXT--------------------
Asterisk Project Security Advisory - AST-2019-005
Product Asterisk
Summary Remote Crash Vulnerability in audio transcoding
Nature of Advisory Denial of Service
Susceptibility Remote Unauthenticated Sessions
Severity Minor
Exploits Known No
Reported On August 7, 2019
Reported By Gregory Massel
Posted On
Last Updated On August 26, 2019
Advisory Contact Jcolp AT sangoma DOT com
CVE Name CVE-2019-15639
Description When audio frames are given to the audio transcoding support in Asterisk the
number of samples are examined and as part of this a message is output to
indicate that no samples are present. A change was done to suppress this
message for a particular scenario in which the message was not relevant. This
change assumed that information about the origin of a frame will always exist
when in reality it may not.
This issue presented itself when an RTP packet containing no audio (and thus no
samples) was received. In a particular transcoding scenario this audio frame
would get turned into a frame with no origin information. If this new frame was
then given to the audio transcoding support a crash would occur as no samples
and no origin information would be present. The transcoding scenario requires
the genericplc option to be set to enabled (the default) and a transcoding
path from the source format into signed linear and then from signed linear into
another format.
Note that there may be other scenarios that have not been found which can cause
an audio frame with no origin to be given to the audio transcoding support and
thus cause a crash.
Modules Affected main/translate.c
Resolution The genericplc option can be disabled in codecs.conf to mitigate the
described scenario. It is recommended, however, that Asterisk be upgraded to
one of the listed versions or the linked patch applied to protect against
potential unknown scenarios.
Affected Versions
Product Release
Series
Asterisk Open Source 13.x 13.28.0
Asterisk Open Source 16.x 16.5.0
Corrected In
Product Release
Asterisk Open Source 13.28.1
Asterisk Open Source 16.5.1
Patches
SVN URL Revision
http://downloads.asterisk.org/pub/security/ Asterisk 13
AST-2019-005-13.diff
http://downloads.asterisk.org/pub/security/ Asterisk 16
AST-2019-005-16.diff
Links https://issues.asterisk.org/jira/browse/ASTERISK-28499
Asterisk Project Security Advisories are posted at http://www.asterisk.org/
security
This document may be superseded by later versions; if so, the latest version
will be posted at http://downloads.digium.com/pub/security/ AST-2019-005 .pdf
and http://downloads.digium.com/pub/security/ AST-2019-005 .html
Revision History
Date Editor Revisions Made
August 26, 2019 Joshua Colp Initial revision
Asterisk Project Security Advisory - AST-2019-005
Copyright (C) 2019 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXXG7CWaOgq3Tt24GAQjV/w/+KxP3TmeJxVwzdXJYAIBnZpyzC49SgwvC
lMaAz2hiDarboPZNN1qGCh+B4Y1kfJ6dX+YZqjbGsvOotxroObL+pKLf/xosbHWe
8ja9OUg4cAaEvDontwq+eVLAw3R1vyB2AWLJMDQAVhWvKOplwNUYBZn0TEiIe0hd
CyFN9kozhM5cH2jPf3P7lG7I5s7x9Y+UjOEaEaZG31rK2hIy/ak5lQJ5rJJ0NmL9
nT5p7d3R4fLk/aZ5ni4yH+0OMNv9hq45fHyWOPt/UnALHUCzQ+TpC9cbec+15xBY
B5YO6AM1C1aqZ616cJPoI8qrIwgF/nAZG7Y5dnFYnJRL5iy9LTrrdnxaH3+SxeM9
wFTHAtsITNFs5aKGupDDsxIzhBNHjWzMjnpqXmjBbHrclDlYyklHcMi4m+8S0GaP
ZG3hKo8FiT0eMy69GQPwlQWypC6JlCTaiAP1/EZ4GzmwCTl97I+MEO463pe7ABv2
qVvzkysGFOrBkjl/xdw73zsRuoXgsR04sPzHM5TalY6gwoB9Hv/rq4Lp3VYRYSk3
gJ6ABeL59XUBzfpNspkbqYQ5uGZlpg4B1tHdwwvn1UiUMc2dFaKiCMXwRV4cKQNq
QbRwxjuljf9PHYHY+QF/cLbgOO+NtG8OVEGfqqLQoegkDaAm+t7+8YRf/Td4J6FF
F2MvC/JrGfo=
=Nl1W
-----END PGP SIGNATURE-----