Kamailio today released a security announcement, CVE-2018-14767 (more information below), which affects some versions of Kamailio that we run.
Kamailio is a well-established open source SIP proxy that we use on our network edge to filter and load-balance traffic as well as handle some unusual compatibility edge cases.
The nature of the vulnerability enables a Denial of Service (DoS) attack and, therefore, we've taken the unusual decision to deploy upgraded edge proxies as emergency maintenance during the day. This will result in a brief (under 30s) interruption and has already been tested in our lab. Additionally, our international sites have already been upgraded.
We regularly maintain and update our platform, and this update has been tested internally and was scheduled to happen in the coming weeks anyway. However, the release of this vulnerability together with exploit code necessitates it being brought forward.
Customers configured in accordance with our interop information, using DNS and SRV where possible, should not see any interruption. Those monitoring our IP addresses directly will see a brief period where a site may not respond to OPTIONS requests.
We are also aware that many of our customers use Kamailio and, if you have not already done so, we urge you to update to the latest supported versions. This vulnerability affects all versions prior to 5.0.7 and 5.1.4, and possibly OpenSER.
For more information on this vulnerability, please see https://skalatan.de/blog/advisory-hw-2018-05