CVE-2018-7285 : What You Need to Know

A vulnerability in Asterisk 15.x through 15.2.1 allows for a NULL pointer access issue, potentially leading to a system crash.

Understanding CVE-2018-7285

This CVE involves a vulnerability in Asterisk 15.x through 15.2.1 that could result in a system crash due to incorrect handling of RTP packets.

What is CVE-2018-7285?

The vulnerability in Asterisk 15.x through 15.2.1 allows for a NULL pointer access issue when processing RTP packets. This arises from incorrect assumptions about the existence of certain types of RTP streams.

The Impact of CVE-2018-7285

The vulnerability could lead to a system crash if a payload number corresponds to a codec of a different type than the actual RTP stream, especially when no stream of that type has been negotiated.

Technical Details of CVE-2018-7285

This section provides more in-depth technical details about the vulnerability.

Vulnerability Description

The RTP support in Asterisk maintains a registry of dynamic codecs and their payload numbers. The issue arises when this registry is incorrectly consulted for all packets, including dynamic ones, potentially leading to a crash.

Affected Systems and Versions

Product: Asterisk 15.x through 15.2.1
Vendor: N/A
Versions: N/A

Exploitation Mechanism

The vulnerability occurs when the registry of dynamic codecs is consulted for all packets, even those that are dynamic, leading to a potential crash.

Mitigation and Prevention

To address CVE-2018-7285, follow these mitigation steps:

Immediate Steps to Take

Update Asterisk to a patched version that addresses the vulnerability.
Monitor vendor communications for any security advisories related to this issue.

Long-Term Security Practices

Regularly update and patch Asterisk to prevent known vulnerabilities.
Implement network segmentation and access controls to limit exposure to potential attacks.

Patching and Updates

Apply the latest patches and updates provided by the Asterisk project to mitigate the vulnerability effectively.