Bug 27760

Summary: libosip2 security vulnerability CVE-2017-7853
Product: Mageia Reporter: Zombie Ryushu <zombie_ryushu>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://nvd.nist.gov/vuln/detail/CVE-2017-7853
Whiteboard:
Source RPM: libosip2-5.0.0-4.mga8.src CVE: CVE-2017-7853
Status comment:

Description Zombie Ryushu 2020-12-06 15:18:22 CET 
In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.
Zombie Ryushu 2020-12-06 15:18:41 CET

CVE: (none) => CVE-2017-7853

Comment 1 David Walser 2020-12-06 17:26:28 CET 
Already reported and FIXED.

*** This bug has been marked as a duplicate of bug 20758 ***

Resolution: (none) => DUPLICATE
Status: NEW => RESOLVED