Race condition vulnerability in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 in chan_pjsip channel driver allows remote attackers to cause denial of service.

Race condition vulnerability in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 in chan_pjsip channel driver allows remote attackers to cause denial of service.

CVE-2014-8415 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a cancel request for a SIP session with a queued action to (1) answer a session or (2) send ringing.

Learn more about our Open Source Audit.