Unrated severity · NVD Advisory · Published Feb 9, 2015 · Updated May 6, 2026

CVE-2015-1558

Description

Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Asterisk PJSIP driver fails to reclaim RTP ports when an SDP offer contains only incompatible codecs, enabling a remote authenticated DoS via file descriptor exhaustion.

Vulnerability

An authenticated remote endpoint can trigger a file descriptor leak in Asterisk's PJSIP channel driver (versions 12.x before 12.8.1 and 13.x before 13.1.1) by sending an SDP offer that lists only codecs not permitted by Asterisk's configuration [1], [2]. The driver allocates RTP ports during call setup but fails to reclaim them when the offer is rejected due to codec incompatibility [1], [2]. This issue does not affect the chan_sip driver [1], [2].
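The leak pattern described above, modelled as an added example (it is not Asterisk's code and does not come from the advisory): a media socket is allocated before codec negotiation, and the rejection path either drops it or releases it. All function names, the allowed-codec list and the offered codecs are hypothetical, and an unbound UDP socket stands in for an RTP port.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical model, not Asterisk source. Codecs the endpoint allows: */
static const char *ALLOWED[] = { "ulaw", "alaw" };
typedef int (*offer_fn)(const char **offer, size_t n);

/* True if at least one offered codec is permitted for the endpoint. */
static int offer_compatible(const char **offer, size_t n) {
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < sizeof ALLOWED / sizeof *ALLOWED; j++)
            if (strcmp(offer[i], ALLOWED[j]) == 0) return 1;
    return 0;
}

/* Leaky shape: the rejection path returns without releasing the socket. */
int handle_offer_leaky(const char **offer, size_t n) {
    int rtp = socket(AF_INET, SOCK_DGRAM, 0);   /* stands in for an RTP port */
    if (rtp < 0) return -1;
    if (!offer_compatible(offer, n)) return -1; /* rtp is never closed */
    return rtp;            /* accepted: caller owns the socket until hangup */
}

/* Fixed shape: every rejection path closes what setup allocated. */
int handle_offer_fixed(const char **offer, size_t n) {
    int rtp = socket(AF_INET, SOCK_DGRAM, 0);
    if (rtp >= 0 && !offer_compatible(offer, n)) { close(rtp); rtp = -1; }
    return rtp;
}

/* Count descriptors currently open in this process (first 1024 slots). */
int open_fds(void) {
    int count = 0;
    for (int fd = 0; fd < 1024; fd++)
        if (fcntl(fd, F_GETFD) != -1) count++;
    return count;
}

/* Descriptor growth after `rounds` offers listing only disallowed codecs. */
int fd_growth(offer_fn handle, int rounds) {
    const char *bad[] = { "g729", "opus" };     /* constructed sample offer */
    int before = open_fds();
    for (int i = 0; i < rounds; i++) handle(bad, 2);
    return open_fds() - before;
}

int main(void) {
    printf("leaky: +%d fds, fixed: +%d fds\n",
           fd_growth(handle_offer_leaky, 20), fd_growth(handle_offer_fixed, 20));
    return 0;
}
```

The same before/after descriptor count is a usable regression check for any call-setup path that allocates media resources ahead of negotiation.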

Exploitation

An attacker must be a remote authenticated endpoint with the ability to send a crafted SIP/SDP INVITE [1], [2]. By repeatedly offering only codecs that are disallowed for that endpoint, the attacker forces Asterisk to allocate RTP ports that are never freed, gradually consuming file descriptors [1], [2].

Impact

Successful exploitation leads to exhaustion of available file descriptors, causing a denial of service (DoS) as the Asterisk service becomes unable to accept new calls or handle legitimate traffic [1], [2]. The impact is limited to authenticated sessions; unauthenticated requests cannot trigger the leak because resources are allocated after authentication [1], [2].

Mitigation

Upgrade to Asterisk 12.8.1 or 13.1.1, which were released on 9 January 2015 [1], [2]. Users unable to upgrade immediately can restrict the attack surface by limiting authenticated endpoint access via firewall rules or disabling the PJSIP channel driver in favor of chan_sip [1], [2]. There is no known public exploit code [1].

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

35
  • Digium/Asterisk: 34 versions
    • cpe:2.3:a:digium:asterisk:12.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.1.0:-:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.1.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.2.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.2.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.3.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.3.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.4.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.5.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.6.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.7.0:*:*:*:lts:*:*:*
    • cpe:2.3:a:digium:asterisk:12.7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.7.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.8.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.8.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:12.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:13.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:13.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:13.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:13.1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:13.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:digium:asterisk:13.2.0:rc1:*:*:*:*:*:*
  • Range: <12.8.1, <13.1.1

References

4
