CVE-2018-7337

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-7337

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7337.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-7337

Related

Published

2018-02-23T22:29:01Z

Modified

2024-09-03T02:22:17.235134Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.

References

Affected packages

Debian:11 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.5-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.5-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.5-1

Ecosystem specific

{
    "urgency": "low"
}

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

9be0fa500da594ed01baf3214642838d22811c90

Last affected

90a7be11a4fdc292f2af40cd49ad7e1bce335dfc

Affected versions

v2.*

v2.4.0

v2.4.1

v2.4.1rc0

v2.4.2

v2.4.2rc0

v2.4.3

v2.4.3rc0

v2.4.4

v2.4.4rc0

wireshark-2.*

wireshark-2.4.0

wireshark-2.4.1

wireshark-2.4.2

wireshark-2.4.3

wireshark-2.4.4