
Buffer overflow in Opus PLC

High
sauwming published GHSA-w5vr-39x7-h8g5 Nov 20, 2025

Package

No package listed

Affected versions

2.15.1 and below

Patched versions

2.16

Description

During packet loss concealment (PLC), the Opus codec may zero-fill the input frame for the full length of the decoder ptime, while the input frame length, which is based on the stream ptime, may be less than that.
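The length mismatch described above, as an added example that is neither PJSIP code nor the change made in commit 6e9bd2e: the fill length is derived from the decoder ptime while the buffer is sized from the stream ptime. All function names, the 48 kHz clock rate and the 10 ms / 20 ms ptime values are assumptions chosen for illustration, and the clamp is one possible mitigation.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Samples in one mono frame of ptime_ms milliseconds at clock_rate Hz. */
size_t frame_samples(unsigned clock_rate, unsigned ptime_ms)
{
    return (size_t)clock_rate * ptime_ms / 1000;
}

/* Pattern from the description: the fill length is taken from the decoder
 * ptime alone, so it runs past `frame` whenever the stream ptime is shorter.
 * Kept for contrast; only safe if `frame` holds a full decoder-ptime frame. */
size_t plc_zero_fill_unchecked(int16_t *frame, unsigned clock_rate,
                               unsigned dec_ptime_ms)
{
    size_t n = frame_samples(clock_rate, dec_ptime_ms);
    memset(frame, 0, n * sizeof(int16_t));
    return n;
}

/* Hardened form (assumed mitigation): the caller passes the real capacity of
 * `frame`, derived from the stream ptime, and the fill is clamped to it. */
size_t plc_zero_fill_checked(int16_t *frame, size_t cap_samples,
                             unsigned clock_rate, unsigned dec_ptime_ms)
{
    size_t n = frame_samples(clock_rate, dec_ptime_ms);
    if (n > cap_samples)
        n = cap_samples;
    memset(frame, 0, n * sizeof(int16_t));
    return n;
}

/* Constructed case: 48 kHz, stream ptime 10 ms (480 samples), decoder ptime
 * 20 ms (960 samples). Returns 1 if the guard words after the frame survive. */
int guard_intact_after_checked_fill(void)
{
    struct { int16_t frame[480]; int16_t guard[8]; } buf;
    size_t i, cap = sizeof(buf.frame) / sizeof(buf.frame[0]);

    memset(&buf, 0x5a, sizeof(buf));
    if (plc_zero_fill_checked(buf.frame, cap, 48000, 20) != cap)
        return 0;
    for (i = 0; i < 8; i++)
        if (buf.guard[i] != 0x5a5a)
            return 0;
    return buf.frame[0] == 0 && buf.frame[479] == 0;
}
```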

Impact

This issue affects PJSIP users who use the Opus audio codec in the receiving direction. The vulnerability can lead to unexpected application termination due to a memory overwrite.

Patches

The patch is available as commit 6e9bd2e in the master branch.

For more information

If you have any questions or comments about this advisory:
Email us at security@pjsip.org

Severity

High

CVE ID

CVE-2025-65102

Weaknesses

No CWEs
