Описание
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 2.2.6+g32dac6a-2 |
| bionic | released | 2.6.3-1~ubuntu18.04.1 |
| devel | not-affected | 2.6.3-1 |
| esm-apps/bionic | released | 2.6.3-1~ubuntu18.04.1 |
| esm-apps/xenial | released | 2.6.3-1~ubuntu16.04.1 |
| esm-infra-legacy/trusty | released | 2.6.3-1~ubuntu14.04.1 |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | released | 2.6.3-1~ubuntu14.04.1 |
| trusty/esm | released | 2.6.3-1~ubuntu14.04.1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector co ...
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3