CVE-2017-17664

MEDIUM5.9EPSS 1.3%

Published: 12/13/2017Modified: 4/28/2026

Also known as:DEBIAN-CVE-2017-17664

Description

A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack.

Affected packages (1)

Debian/asteriskfrom 0, < 1:13.18.5~dfsg-1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.9	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2017-17664