VDB
CVE-2018-8828
CVE-2018-8828
PUBLISHED
A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/tmx_pretran.c.
EPSS 0.93% · 76.4th percentile
Risk Scores
EPSS Score
0.93%
76.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | kamailio | 0, 4.3.1-2ubuntu1, 4.3.4-1.1ubuntu1 |
Timeline
- Mar 20, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 27, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 10, 2023 EPSS Score
- Mar 14, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2018-8828 third-party-advisory
- https://github.com/EnableSecurity/advisories/tree/master/ES2018-05-kamailio-heap-overflow third-party-advisory
- https://github.com/kamailio/kamailio/commit/e1d8008a09d9390ebaf698abe8909e10dfec4097 third-party-advisory
- https://ubuntu.com/security/notices/USN-4240-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2018-8828 third-party-advisory