Alpine: asterisk: security update to 18.24.3-r0

high Tenable Cloud Security Plugin ID 408526

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL
unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is
fixed in 18.23.1, 20.8.1, and 21.3.1. (CVE-2024-35190)

- Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions
18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with
`write=originate` may change all configuration files in the `/etc/asterisk/` directory. This occurs
because they are able to curl remote files and write them to disk, but are also able to append to existing
files using the `FILE` function inside the `SET` application. This issue may result in privilege
escalation, remote code execution and/or blind server-side request forgery with arbitrary protocol.
Asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2
contain a fix for this issue. (CVE-2024-42365)

- Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.24.3, 20.9.3, and 21.4.3 of
Asterisk and versions 18.9-cert12 and 20.7-cert2 of certified-asterisk, if Asterisk attempts to send a SIP
request to a URI whose host portion starts with `.1` or `[.1]`, and res_resolver_unbound is loaded,
Asterisk will crash with a SEGV. To receive a patch, users should upgrade to one of the following
versions: 18.24.3, 20.9.3, 21.4.3, certified-18.9-cert12, certified-20.7-cert2. Two workarounds are
available. Disable res_resolver_unbound by setting `noload = res_resolver_unbound.so` in modules.conf, or
set `rewrite_contact = yes` on all PJSIP endpoints. NOTE: This may not be appropriate for all Asterisk
configurations. (CVE-2024-42491)

See Also

https://security.alpinelinux.org/vuln/CVE-2024-35190

https://security.alpinelinux.org/vuln/CVE-2024-42365

https://security.alpinelinux.org/vuln/CVE-2024-42491

Plugin Details

Severity: High

ID: 408526

Version: Revision 1.6

Type: Local

Published: 10/1/2024

Updated: 11/7/2025

Supported Sensors: Agentless Assessment

Risk Information

VPR

Risk Factor: High

Score: 7.6

Percentile: 98.49

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-42365

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 5/17/2024

Exploitable With

Metasploit (Asterisk AMI Originate Authenticated RCE)

Reference Information

CVE: CVE-2024-35190, CVE-2024-42365, CVE-2024-42491