vulnerability
FreeBSD: VID-e91cf90c-d6dd-11e7-9d10-001999f8d30b (CVE-2017-17090): asterisk -- DOS Vulnerability in Asterisk chan_skinny
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Dec 1, 2017 | Dec 14, 2017 | Jun 15, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Dec 1, 2017
Added
Dec 14, 2017
Modified
Jun 15, 2026
Description
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind.
Solution
freebsd-upgrade-package-asterisk13
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.