[ES2023-02] FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation

Read Time:20 Second

Posted by Sandro Gauci on Dec 26

# FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation

– Fixed versions: 1.10.11
– Enable Security Advisory:
https://github.com/EnableSecurity/advisories/tree/master/ES2023-02-freeswitch-dtls-hello-race
– Vendor Security Advisory: https://github.com/signalwire/freeswitch/security/advisories/GHSA-39gv-hq72-j6m6
– Other references: CVE-2023-51443
– Tested vulnerable versions: 1.10.10
– Timeline:
-…

firefox-137.0-2.fc42

FEDORA-2025-4e7468921a Packages in this update: firefox-137.0-2.fc42 Update description: Updated to latest upstream (137.0) Read More

April 1, 2025

firefox-137.0-2.fc40

FEDORA-2025-d48f900812 Packages in this update: firefox-137.0-2.fc40 Update description: Updated to latest upstream (137.0) Read More

April 1, 2025

firefox-137.0-2.fc41

FEDORA-2025-96c31e2086 Packages in this update: firefox-137.0-2.fc41 Update description: Updated to latest upstream (137.0) Read More

April 1, 2025

ZDI-25-196: Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to...

April 1, 2025

ZDI-25-195: Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to...

April 1, 2025

ZDI-25-194: Apple macOS AppleIntelKBLGraphics Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain...

April 1, 2025

New Phishing Attack Combines Vishing and DLL Sideloading Techniques

Google to Switch on E2EE for All Gmail Users

Cybercriminals Expand Use of Lookalike Domains in Email Attacks

Cell Phone OPSEC for Border Crossings

Hackers exploit little-known WordPress MU-plugins feature to hide malware

Cyber Security and Resilience Bill Will Apply to 1000 UK Firms

New Malware Variant RESURGE Exploits Ivanti Vulnerability

ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers

The Signal Chat Leak and the NSA

[ES2023-02] FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation

firefox-137.0-2.fc42

firefox-137.0-2.fc40

firefox-137.0-2.fc41

ZDI-25-196: Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-25-195: Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-25-194: Apple macOS AppleIntelKBLGraphics Time-Of-Check Time-Of-Use Information Disclosure Vulnerability