Alpine: multiple asterisk packages: security update to 18.20.2-r0

critical Tenable Cloud Security Plugin ID 425703

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- PJSIP is a free and open source multimedia communication library written in C language implementing
standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when
parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications
that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch
(2.13.1). (CVE-2022-23537)

- Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and
prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update'
functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the
new value of a header. By doing so this can overwrite memory or cause a crash. This is not externally
exploitable, unless dialplan is explicitly written to update a header based on data from an outside
source. If the 'update' functionality is not used the vulnerability does not occur. A patch is available
at commit a1ca0268254374b515fa5992f01340f7717113fa. (CVE-2023-37457)

- Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions
18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any
arbitrary file even when the `live_dangerously` is not enabled. This allows arbitrary files to be read.
Asterisk versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, contain
a fix for this issue. (CVE-2023-49294)

- Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions
18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk prior to 18.9-cert6; Asterisk is susceptible to
a DoS due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP
for media setup. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during
the attack. Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable Asterisk
servers for calls that rely on DTLS-SRTP. Commit d7d7764cb07c8a1872804321302ef93bf62cba05 contains a fix,
which is part of versions 18.20.1, 20.5.1, 21.0.1, amd 18.9-cert6. (CVE-2023-49786)

See Also

https://security.alpinelinux.org/vuln/CVE-2022-23537

https://security.alpinelinux.org/vuln/CVE-2023-37457

https://security.alpinelinux.org/vuln/CVE-2023-49294

https://security.alpinelinux.org/vuln/CVE-2023-49786

Plugin Details

Severity: Critical

ID: 425703

Version: Revision 1.6

Type: Local

Published: 4/18/2025

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 5

Percentile: 94.49

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-23537

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/20/2022

Reference Information

CVE: CVE-2022-23537, CVE-2023-37457, CVE-2023-49294, CVE-2023-49786