Asterisk: Multiple Vulnerabilities
Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.
asterisk
2024-12-07
2024-12-07
771318
803440
838391
884797
920026
937844
939159
remote
18.24.3
18.24.3
Asterisk is an open source telephony engine and toolkit.
Multiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Asterisk users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/asterisk-18.24.3"
CVE-2020-35776
CVE-2021-26712
CVE-2021-26713
CVE-2021-26714
CVE-2021-26717
CVE-2021-26906
CVE-2021-31878
CVE-2021-32558
CVE-2022-26498
CVE-2022-26499
CVE-2022-26651
CVE-2022-37325
CVE-2022-42705
CVE-2022-42706
CVE-2023-37457
CVE-2023-49294
CVE-2023-49786
graaff
graaff