Unrated severityNVD Advisory· Published Apr 6, 2022· Updated Apr 23, 2025
Potential out-of-bound read/write in PJSIP
CVE-2022-24786
Description
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A patch is available in the master branch of the pjsip/pjproject GitHub repository. There are currently no known workarounds.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5- security.gentoo.org/glsa/202210-37mitrevendor-advisory
- www.debian.org/security/2022/dsa-5285mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2022/11/msg00021.htmlmitremailing-list
- github.com/pjsip/pjproject/commit/11559e49e65bdf00922ad5ae28913ec6a198d508mitre
- github.com/pjsip/pjproject/security/advisories/GHSA-vhxv-phmx-g52qmitre
News mentions
0No linked articles in our index yet.