CVE-2018-14344

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-14344

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14344.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-14344

Related

Published

2018-07-19T02:29:00Z

Modified

2024-09-18T02:59:29.321867Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.

References

Affected packages

Debian:11 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

9be0fa500da594ed01baf3214642838d22811c90

Last affected

6b4493c3dc79478a556cb6b44fda2134a76d07f1

Introduced

c7239f0201292253817c7c4c9a394a47113ca55c

Last affected

860a78b3c701b8e318e490ed46e847e3c4b4cab7

Introduced

5368c50be46d4a44986d12bdfc0a35b42c0f34fc

Last affected

c43eaa1b7be098dad15ffb33f987be5a907b88bd

Affected versions

2.*

2.2.1rc0

v2.*

v2.2.0

v2.2.1

v2.2.10

v2.2.10rc0

v2.2.11

v2.2.11rc0

v2.2.12

v2.2.12rc0

v2.2.13

v2.2.13rc0

v2.2.14

v2.2.14rc0

v2.2.15

v2.2.15rc0

v2.2.1rc0

v2.2.2

v2.2.2rc0

v2.2.3

v2.2.3rc0

v2.2.4

v2.2.4rc0

v2.2.5

v2.2.5rc0

v2.2.6

v2.2.6rc0

v2.2.7

v2.2.7rc0

v2.2.8

v2.2.8rc0

v2.2.9

v2.2.9rc0

v2.4.0

v2.4.1

v2.4.1rc0

v2.4.2

v2.4.2rc0

v2.4.3

v2.4.3rc0

v2.4.4

v2.4.4rc0

v2.4.5

v2.4.5rc0

v2.4.6

v2.4.6rc0

v2.4.7

v2.4.7rc0

v2.6.0

v2.6.1

v2.6.1rc0

wireshark-2.*

wireshark-2.2.0

wireshark-2.2.1

wireshark-2.2.10

wireshark-2.2.11

wireshark-2.2.12

wireshark-2.2.13

wireshark-2.2.14

wireshark-2.2.15

wireshark-2.2.2

wireshark-2.2.3

wireshark-2.2.4

wireshark-2.2.5

wireshark-2.2.6

wireshark-2.2.7

wireshark-2.2.8

wireshark-2.2.9

wireshark-2.4.0

wireshark-2.4.1

wireshark-2.4.2

wireshark-2.4.3

wireshark-2.4.4

wireshark-2.4.5

wireshark-2.4.6

wireshark-2.4.7

wireshark-2.6.0

wireshark-2.6.1