CVE-2018-9261

Published: Apr 4, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14471

x_refsource_MISC

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=66bc372716e04d6a8afdf6712583c9b5d11fee55

x_refsource_MISC

DSA-4217

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20180528 [SECURITY] [DLA 1388-1] wireshark security update

mailing-list

x_refsource_MLIST

https://www.wireshark.org/security/wnpa-sec-2018-18.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-9261

Description

Affected Products

References