CVE-2022-23608 is a use-after-free vulnerability (CWE-416) identified in the pjsip pjproject multimedia communication library, which is widely used for implementing standard protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. The vulnerability affects pjproject versions up to and including 2.11.1. It arises in scenarios involving dialog sets or forking, where multiple User Agent Client (UAC) dialogs share a hash key. When one of these dialogs is destroyed, the shared hash key may be prematurely freed. This premature freeing leads to inconsistent state in the hash table, causing the dialog set to be registered multiple times with different hash keys. The resulting undefined behavior can cause dialog list collisions and may lead to an endless loop during dialog processing. This can severely disrupt the normal operation of SIP-based communication sessions. The vulnerability is rooted in improper memory management, specifically the use of freed memory, which can cause application instability or crashes. Although no known exploits are currently reported in the wild, the vulnerability poses a risk of denial-of-service (DoS) conditions due to endless loops or application crashes. A patch addressing this issue has been committed (commit db3235953baa56d2fb0e276ca510fefca751643f) and is slated for inclusion in the next pjproject release. No workarounds are currently available, making timely patching critical for affected deployments.

For European organizations, especially those relying on VoIP and multimedia communication systems built on pjproject, this vulnerability can lead to service disruptions. The endless loop or crash conditions can cause denial-of-service, impacting the availability of critical communication infrastructure such as call centers, emergency services, and enterprise telephony systems. This can degrade business operations, customer service, and potentially emergency response capabilities. Furthermore, instability in SIP dialogs may lead to dropped calls or failed session establishments, affecting user experience and operational reliability. While there is no direct evidence of exploitation leading to confidentiality or integrity breaches, the disruption of communication services can have cascading effects on organizational workflows and incident response. Given the widespread use of pjsip in telecommunication equipment and software, the impact could be significant in sectors such as telecommunications, finance, healthcare, and government services across Europe.

1. Immediate application of the official patch once released by the pjproject maintainers is the primary mitigation step. Monitor pjproject repositories and vendor advisories for the updated version containing the fix. 2. Conduct an inventory of all systems and applications using pjproject versions up to 2.11.1 to identify affected assets. 3. Where patching is not immediately feasible, consider isolating affected systems from critical network segments to limit potential impact. 4. Implement enhanced monitoring of SIP traffic and application logs to detect abnormal dialog behaviors, such as repeated registrations or looping conditions, which may indicate exploitation attempts or instability. 5. Engage with vendors of telephony and communication products that embed pjproject to ensure they provide timely updates or mitigations. 6. Perform regular backups and ensure incident response plans include scenarios for communication service disruptions. 7. Consider deploying network-level protections such as SIP-aware firewalls or session border controllers that can detect and mitigate anomalous SIP dialog behaviors. These measures can help contain the impact until patches are applied.