Set rewrite_contact = yes on all PJSIP endpoints. Final Thoughts
At its core, CVE-2024-42491 is a critical flaw related to how Asterisk handles Session Initiation Protocol (SIP) requests. Specifically, if the res_resolver_unbound module is loaded and the system attempts to send a request to a URI with a host portion starting with .1 or [.1] , the system can suffer a segmentation fault (SEGV) and crash. The Technical "Why" 42491 rar
Set noload = res_resolver_unbound.so in your modules.conf file. Set rewrite_contact = yes on all PJSIP endpoints
The software fails to verify the success of a function or method, leading it to proceed into an "unexpected state"—in this case, a total crash. Who Is Affected? 42491 rar
Versions prior to 18.9-cert12 and 20.7-cert2. How to Secure Your System