Описание
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 2.2.4+gcc3dc1b-1 |
| bionic | not-affected | 2.2.4+gcc3dc1b-1 |
| devel | not-affected | 2.2.4+gcc3dc1b-1 |
| esm-apps/bionic | not-affected | 2.2.4+gcc3dc1b-1 |
| esm-apps/xenial | released | 2.2.6+g32dac6a-2ubuntu0.16.04 |
| esm-infra-legacy/trusty | released | 1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1 |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| trusty | released | 1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1 |
| trusty/esm | released | 1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1 |
Показывать по
Ссылки на источники
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector ...
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
5 Medium
CVSS2
7.5 High
CVSS3