Stack overflow in PJLIB leads to remote code execution when invoking
pjsua_recorder_create with malicious input
PJLIB (, 2.1.11], fixed in 2.12
CVE-2021-43300 was found in
pjsua_recorder_create (OO wrapper -
AudioMediaRecorder::createRecorder) which creates a file recorder and automatically connects this recorder to the conference bridge.
Attackers that can remotely control the contents of the
filename argument of
pjsua_recorder_create may cause remote code execution.
This function contains a stack overflow vulnerability when
filename->ptr is being copied via
memcpy to the
path stack variable without checking that
filename->slen is at most the
path allocated size which is
No PoC is supplied for this vulnerability.
No mitigations are provided for this vulnerability.
In order to fully fix this vulnerability, we recommend upgrading PJSIP to version 2.12.