vulnerability
Alpine Linux: CVE-2017-17090: asterisk Multiple vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Dec 1, 2017 | Jan 15, 2018 | Jun 17, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Dec 1, 2017
Added
Jan 15, 2018
Modified
Jun 17, 2022
Description
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind.
Solution
alpine-linux-upgrade-asterisk

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.