JFrog Security Research
XRAY-198025 - PJLIB pjsua_recorder_create RCE

CVE-2021-43300 | CVSS 8.1

JFrog Severity: high

Discovered by Uriya Yavnieli of the JFrog Security Research Team

Published 1 Mar, 2022 | Last updated 1 Mar, 2022

Stack overflow in PJLIB leads to remote code execution when invoking pjsua_recorder_create with malicious input

PJLIB

PJLIB (, 2.1.11], fixed in 2.12

CVE-2021-43300 was found in pjsua_recorder_create (OO wrapper: AudioMediaRecorder::createRecorder), which creates a file recorder and automatically connects this recorder to the conference bridge.

Attackers that can remotely control the contents of the filename argument of pjsua_recorder_create may cause remote code execution.

This function contains a stack overflow vulnerability: filename->ptr is copied via memcpy into the path stack variable without checking that filename->slen is at most the allocated size of path, which is PJ_MAXPATH (260).
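The missing bound described above, shown as an added C example that is neither PJSIP source nor part of the advisory: the unchecked copy pattern next to a form that validates the length first. The `str_view` type, the function names and the local `MAXPATH` constant are hypothetical; the signed length field and the strict `<` bound (this example writes a terminator after the copy) are assumptions of the example.

```c
#include <stdio.h>
#include <string.h>

#define MAXPATH 260  /* constructed; same value the advisory gives for PJ_MAXPATH */

/* Hypothetical pointer/length string; a signed length is assumed here. */
typedef struct { const char *ptr; long slen; } str_view;

/* Unchecked pattern from the advisory: slen is trusted as the copy size,
 * so a name longer than the buffer writes past path[]. Never called below. */
int recorder_open_unchecked(const str_view *filename)
{
    char path[MAXPATH];
    memcpy(path, filename->ptr, (size_t)filename->slen);
    path[filename->slen] = '\0';
    return (int)strlen(path);
}

/* Hardened form: reject negative lengths and any length that leaves no
 * room for the terminator, before the stack buffer is touched. */
int recorder_open_checked(const str_view *filename)
{
    char path[MAXPATH];
    if (filename == NULL || filename->ptr == NULL)
        return -1;
    if (filename->slen < 0 || (size_t)filename->slen >= sizeof path)
        return -1;
    memcpy(path, filename->ptr, (size_t)filename->slen);
    path[filename->slen] = '\0';
    return (int)strlen(path);  /* stand-in for opening the recorder file */
}

/* Constructed input: a name made of slen 'A' bytes. */
int try_name(long slen)
{
    static char big[512];
    str_view name = { big, slen };
    memset(big, 'A', sizeof big);
    return recorder_open_checked(&name);
}

int main(void)
{
    long lens[] = { 8, MAXPATH - 1, MAXPATH, 400, -1 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("slen=%ld -> %d\n", lens[i], try_name(lens[i]));
    return 0;
}
```

Callers that cannot upgrade right away can apply the same length check to the filename before it reaches pjsua_recorder_create.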

No PoC is supplied for this vulnerability.

No mitigations are provided for this vulnerability.

In order to fully fix this vulnerability, we recommend upgrading PJSIP to version 2.12.

(JFrog) 5 New Vulnerabilities Discovered in PJSIP Open Source Library

NVD
