Linphone Session Initiation Protocol (SIP) client suite vulnerability allows hackers to crash applications via DoS attack

Cybersecurity specialists report the detection of a severe vulnerability in the Linphone Session Initiation Protocol (SIP) client suite that would allow threat actors to crash an application remotely. SIP is a signaling protocol used to initiate, maintain and end communication sessions, and it is widely used in instant messaging and video calling platforms.

Linphone’s SIP client is developed and maintained by the French company Belledonne Communications as an open source project. Linphone solutions are used by more than 200 corporate customers in the fields of telecommunications, Internet of Things (IoT) and home and business connections.

According to a report by the security firm Claroty, the flaw in question resides in the Belle-sip library and was corrected with the release of version 4.5.20 a couple of months ago. Tracked as CVE-2021-33056, the vulnerability was described as a NULL pointer dereference that can be exploited remotely and without user interaction through the submission of a specially crafted INVITE request.

Successful exploitation of the flaw would result in a denial-of-service (DoS) condition, the researchers note.

Under normal conditions, INVITE requests initiate a dialog to set up a call, and SIP clients are configured to listen to these types of requests from other clients. These requests go from the initiating client to the guest client through the SIP server.

The researchers note that all it takes to exploit this process remotely is to send a SIP client an INVITE request with a specially crafted From/To/Diversion header, which triggers the NULL pointer dereference: “Any application that uses belle-sip to analyze SIP messages is vulnerable and will suffer a crash when receiving a malicious SIP call,” the report states.

The flaw was fixed in the core protocol stack, although the researchers stress that it is important for secondary vendors to implement security measures in their own products as well.
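The bug class described above, as an added example (not belle-sip or Linphone code, and not taken from the Claroty report): a toy C handler whose address parser can come back without a URI, and the NULL check that turns a crash into a 400 rejection. The types, function names and sample messages are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Toy stand-in for a parsed address header; these are not belle-sip's types. */
typedef struct { const char *uri; } sip_addr;  /* uri == NULL: no SIP URI found */

/* Return the value of header `name` (case-sensitive, simplified), or NULL. */
static const char *find_header(const char *msg, const char *name) {
    size_t n = strlen(name);
    for (const char *p = msg; p; p = strchr(p, '\n'), p = p ? p + 1 : NULL)
        if (strncmp(p, name, n) == 0 && p[n] == ':') return p + n + 1;
    return NULL;
}

/* Look for a "sip:" URI inside this header line only, never past its end. */
static sip_addr parse_addr(const char *value) {
    sip_addr a = { NULL };
    const char *eol = strchr(value, '\n');
    const char *u = strstr(value, "sip:");
    if (u && (!eol || u < eol)) a.uri = u;
    return a;
}

/* Returns the SIP status code to answer with: 180 to proceed, 400 to reject. */
int handle_invite(const char *msg) {
    static const char *names[] = { "From", "To", "Diversion" };
    for (size_t i = 0; i < 3; i++) {
        const char *v = find_header(msg, names[i]);
        if (!v) { if (i < 2) return 400; continue; }  /* Diversion is optional */
        sip_addr a = parse_addr(v);
        if (!a.uri) return 400;  /* without this check the next line reads through NULL */
        if (strcspn(a.uri + 4, ">;\r\n") == 0) return 400;  /* empty URI */
    }
    return 180;
}

/* Constructed sample messages, not captured traffic. */
static const char GOOD[] = "INVITE sip:bob@example.test SIP/2.0\r\n"
    "From: <sip:alice@example.test>\r\nTo: <sip:bob@example.test>\r\n\r\n";
static const char BAD[] = "INVITE sip:bob@example.test SIP/2.0\r\n"
    "From: \"anonymous\"\r\nTo: <sip:bob@example.test>\r\n\r\n";

int main(void) {
    printf("well-formed: %d\nmalformed:   %d\n", handle_invite(GOOD), handle_invite(BAD));
    return 0;
}
```

Because the handler runs on unauthenticated input from the network, every parser result it touches has to be treated as possibly absent, which is why the rejection path returns a status code instead of asserting.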
