{"id":"CVE-2023-38703","summary":"PJSIP has use-after-free vulnerability in SRTP media transport","details":"PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.","aliases":["GHSA-f76w-fh7c-pc66"],"modified":"2026-04-12T08:33:20.192889Z","published":"2023-10-06T13:46:54.238Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/38xxx/CVE-2023-38703.json","cwe_ids":["CWE-416"],"cna_assigner":"GitHub_M"},"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/38xxx/CVE-2023-38703.json"},{"type":"ADVISORY","url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38703"},{"type":"FIX","url":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pjsip/pjproject","events":[{"introduced":"0"},{"fixed":"6dc9b8c181aff39845f02b4626e0812820d4ef0d"}]}],"versions":["2.10","2.11","2.12","2.13"],"database_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"291439380244326309110820350954913949245","length":2910},"id":"CVE-2023-
38703-03e854d6","target":{"function":"pjmedia_transport_srtp_create","file":"pjmedia/src/pjmedia/transport_srtp.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"216464516856984859759145025894935584395","length":548},"id":"CVE-2023-38703-0e5d18fb","target":{"function":"ssl_destroy","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9},"id":"CVE-2023-38703-1389a8a3","target":{"file":"pjmedi
a/src/pjmedia/transport_loop.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9},"id":"CVE-2023-38703-18fe551d","target":{"file":"pjmedia/src/pjmedia/transport_udp.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"134418019032318284806686409035673887751","length":447},"id":"CVE-2023-38703-1a52eeec","target":{"function":"clock_cb","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"20296479371075478728763900735
3571309636","length":562},"id":"CVE-2023-38703-1b3f03d6","target":{"function":"pjmedia_tp_adapter_create","file":"pjmedia/src/pjmedia/transport_adapter_sample.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"214169750683719066682322500245379809204","length":2050},"id":"CVE-2023-38703-27249c32","target":{"function":"dtls_on_recv","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"145103344068178476303297854918616136133","length":1139},"id":"CVE-2023-38703-2c9834e4","target":{"function":"transport_send_rtp","file":"pjmedia/src/pjmedia/transport_loop.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9},"id":"CVE-2023-38703-2ce498e8","target":{"file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9},"id":"CVE-2023-38703-35c62763","target":{"file":"pjmedia/src/pjmedia/transport_ice.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"154399702371400503767964007328754349869","length":106},"id":"CVE-2023-38703-4273e44f","target":{"function":"tp_ice_on_destroy","file":"pjmedia/src/pjmedia/transport_ice.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"52654390917523883663975503479260821692","length":689},"id":"CVE-2023-38703-4996e59b","target":{"function":"dtls_create","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"130723355849444373605238660332274977841","length":983},"id":"CVE-2023-38703-4fb8f1b2","target":{"function":"ssl_match_fingerprint","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9},"id":"CVE-2023-38703-546ae7a5","target":{"file":"pjm
edia/include/pjmedia/transport.h"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"288836561299316153230303418065423756347","length":720},"id":"CVE-2023-38703-56fed73d","target":{"function":"transport_destroy","file":"pjmedia/src/pjmedia/transport_udp.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"335313836000127583011474929491813389030","length":476},"id":"CVE-2023-38703-5746d447","target":{"function":"transport_send_rtcp2","file":"pjmedia/src/pjmedia/transport_loop.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"150459416352754300898856150492766425306","length":1750},"id":"CVE-2023-38703-6b2409c6","target":{"function":"ssl_handshake_channel","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"59271251622011226550807440132142418291","length":1842},"id":"CVE-2023-38703-6dc32319","target":{"function":"pjmedia_ice_create3","file":"pjmedia/src/pjmedia/transport_ice.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"80339939594709178752126480484952302371","length":420},"id":"CVE-2023-38703-7b3f779e","target":{"function":"transport_destroy","file":"pjmedia/src/pjmedia/transport_ice.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"F
unction"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"91883778916355420439595445280299225267","length":1069},"id":"CVE-2023-38703-86966efc","target":{"function":"pjmedia_transport_loop_create2","file":"pjmedia/src/pjmedia/transport_loop.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"333494720414245255702230046045244847729","length":157},"id":"CVE-2023-38703-8b8626ed","target":{"function":"transport_destroy","file":"pjmedia/src/pjmedia/transport_loop.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"41503966465387917888080819263100766599","length":486},"id":"CVE-2023-38703-905d047f","target":{"function":"transport_destroy","file":"pjmedia/src/pjmedia/transport_srtp.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"143556260429822275098617210885277194697","length":364},"id":"CVE-2023-38703-96632b99","target":{"function":"dtls_destroy","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"213450221911804060329530821675984760175","length":973},"id":"CVE-2023-38703-983dc044","target":{"function":"ssl_on_recv_packet","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"197448978625464702400103500804363291147","length":2789}
,"id":"CVE-2023-38703-9f43d490","target":{"function":"ssl_flush_wbio","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"111196021784321025591141415497266343372","length":3162},"id":"CVE-2023-38703-aab8b359","target":{"function":"pjmedia_transport_udp_attach","file":"pjmedia/src/pjmedia/transport_udp.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"209367389562638968808304769770339863385","length":1966},"id":"CVE-2023-38703-c16b13b2","target":{"function":"ssl_get_srtp_material","file":"pjmedia/src/pjmedia/transport_srtp_dtls.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"150862504555097088146009648202780990223","length":182},"id":"CVE-2023-38703-c7c2bebc","target":{"function":"transport_destroy","file":"pjmedia/src/pjmedia/transport_adapter_sample.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9},"id":"CVE-2023-38703-ed2a50aa","target":{"file":"pjmedia/src/pjmedia/transport_srtp.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9},"id":"CVE-2023-38703-f0a7ccb6","target":{"file":"pjmedia/src/pjmedia/transport_adapter_sample.c"},"source":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","signature_type":"Line"}],"vanir_signatures_modified":"2026-04-12T08:33:20Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-38703.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}