SUSE Package Hub - openSUSE-2024-245

Update Info

openSUSE-2024-245

Security update for sngrep

Type: security

Severity: moderate

Issued: 2024-08-16

Description:

This update for sngrep fixes the following issues:

- CVE-2024-35434: Fixed heap buffer overflow in rtp_check_packet (boo#1225638)

References

CVE: CVE-2024-35434
Bugzilla: 1225638 VUL-0: CVE-2024-35434: sngrep: Sngrep v1.8.1 was discovered to contain a heap buffer overflow via the function rtp_check_packet at /sngrep/src/rtp.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SIP packet.

Packages

sngrep-1.8.1-bp155.2.6.1