Asterisk running chan_pjsip suffers from an INVITE message denial of service vulnerability. Versions affected include Versions affected include 15.2.0, 15.1.0, 15.0.0, 13.19.0, 13.11.2, and 14.7.5.
f1253625e46f227de8752682b32d8862adf05b987de5b3ce80dd452d37d33ce3
Asterisk Project Security Advisory - A crash occurs when a number of authenticated INVITE messages are sent over TCP or TLS and then the connection is suddenly closed. This issue leads to a segmentation fault.
a4a7459638ce3f3a2f66643377d5f17ef2db0d79f31570e23b023b87b15030c9