VYPR
Unrated severityNVD Advisory· Published Dec 5, 2022· Updated Apr 24, 2025

CVE-2022-42705

CVE-2022-42705

Description

A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Freepbx/Asteriskcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 16.28, = 18.14, = 19.6, = certified/18.9-cert2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.