CVE-2018-14343

Published: Jul 19, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=9402f2f80c6bc7d25178a0875c5a1f5ee36361db

x_refsource_CONFIRM

1041608

vdb-entry

x_refsource_SECTRACK

[debian-lts-announce] 20180729 [SECURITY] [DLA 1451-1] wireshark security update

mailing-list

x_refsource_MLIST

https://www.wireshark.org/security/wnpa-sec-2018-37.html

x_refsource_CONFIRM

104847

vdb-entry

x_refsource_BID

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14682

x_refsource_CONFIRM

openSUSE-SU-2020:0362

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-14343

Description

Affected Products

References