CVE-2022-23608

8.1 HIGH

📋 TL;DR

This CVE describes a use-after-free vulnerability in PJSIP library versions up to 2.11.1 that occurs in dialog set scenarios. When multiple UAC dialogs share a hash key, premature freeing can cause hash table corruption leading to undefined behavior including endless loops. Any application using vulnerable PJSIP versions for SIP communication is affected.

💻 Affected Systems

Products:
  • PJSIP/pjproject library
  • Asterisk PBX
  • Other SIP-based applications using PJSIP
Versions: PJSIP versions up to and including 2.11.1
Operating Systems: All operating systems running vulnerable PJSIP versions
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers in dialog set or forking scenarios; all configurations using affected PJSIP versions are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Denial of service causing service disruption through endless loops, potentially leading to complete service unavailability and resource exhaustion.

🟠 Likely Case: Service instability, intermittent crashes, or degraded performance in SIP communication systems during dialog forking scenarios.

🟢 If Mitigated: Minimal impact with proper monitoring and rapid incident response; potential brief service interruptions during exploitation attempts.

🌐 Internet-Facing: HIGH - SIP services are typically internet-facing and accessible to attackers; exploitation could disrupt critical communication services.
🏢 Internal Only: MEDIUM - Internal SIP systems could be targeted by internal threats or compromised endpoints, but attack surface is smaller.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires specific dialog set conditions but no authentication; detailed technical advisory available but no public exploit code.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit db3235953baa56d2fb0e276ca510fefca751643f; next release after 2.11.1

Vendor Advisory: https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62

Restart Required: Yes

Instructions:

1. Update PJSIP to a version containing commit db3235953baa56d2fb0e276ca510fefca751643f or later.
2. Recompile applications using PJSIP.
3. Restart all services using the patched library.

🔧 Temporary Workarounds

No known workarounds

The vulnerability has no known configuration-based workarounds according to the advisory

🧯 If You Can't Patch

  • Implement network segmentation to isolate SIP services from untrusted networks
  • Deploy rate limiting and SIP message validation to reduce attack surface

🔍 How to Verify

Check if Vulnerable:

Check PJSIP version: pkg-config --modversion libpjproject (pjproject installs its pkg-config file as libpjproject.pc), or examine the library version in application dependencies

Check Version:

pkg-config --modversion libpjproject 2>/dev/null || find /usr -name '*pjlib*' -exec strings {} \; | grep 'PJLIB_VERSION'

Verify Fix Applied:

Verify PJSIP version is newer than 2.11.1 and contains commit db3235953baa56d2fb0e276ca510fefca751643f
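
An added example (not part of the advisory or the pjproject code base) that turns the version check above into a scriptable test: it compares a detected version against 2.11.1, the last affected release named on this page. The function names and result labels are assumptions of this example; a distribution package may carry the fix as a backport, so an "affected-range" result still needs the commit check.

```shell
#!/bin/sh
# Added example: classify a pjproject version string against the last
# affected release given on this page. Names and labels are hypothetical.
LAST_AFFECTED="2.11.1"

# ver_le A B: succeeds when dotted version A <= B, compared numerically
# component by component. Missing components count as 0 and packaging
# suffixes such as "~dfsg-1" are ignored.
ver_le() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        # Drop the component just consumed.
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        # Keep only the leading digits of each component.
        x=${x%%[!0-9]*}; y=${y%%[!0-9]*}
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 0
}

# classify_pjsip VERSION: prints one of
#   unknown         no usable version string
#   affected-range  <= 2.11.1; vulnerable unless the fix commit was backported
#   newer           later than 2.11.1
classify_pjsip() {
    v=$1
    case $v in
        [0-9]*) ;;
        *) echo "unknown"; return 0 ;;
    esac
    if ver_le "$v" "$LAST_AFFECTED"; then
        echo "affected-range"
    else
        echo "newer"
    fi
}

# libpjproject is the pkg-config module name pjproject installs.
detected=$(pkg-config --modversion libpjproject 2>/dev/null || true)
echo "installed: ${detected:-not found} -> $(classify_pjsip "$detected")"
```

An "unknown" result usually means the library was bundled or statically linked into the application, so the version has to come from the application's own build information.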

📡 Detection & Monitoring

Log Indicators:

  • Unusual SIP dialog errors
  • Process crashes or restarts
  • High CPU usage from SIP processes
  • Hash table collision warnings

Network Indicators:

  • Abnormal SIP forking patterns
  • Excessive SIP error responses
  • Unusual dialog termination sequences

SIEM Query:

process.name:"asterisk" AND (log_message:"dialog collision" OR log_message:"hash table error" OR event.outcome:"failure")
