Уязвимость аварийного завершения работы диссектора протокола FCP в Wireshark из-за отсутствия проверки указателя
Описание
В Wireshark происходит аварийное завершение работы при использовании диссектора протокола FCP. Проблема решена в epan/dissectors/packet-fcp.c путем добавления проверки на указатель NULL.
Затронутые версии ПО
- Wireshark версии с 2.4.0 до 2.4.4
- Wireshark версии с 2.2.0 до 2.2.12
Тип уязвимости
Аварийное завершение работы
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol diss ...
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.
EPSS
7.5 High
CVSS3
5 Medium
CVSS2