OSV-2025-371

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wireshark/OSV-2025-371.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-371
Published
2025-05-16T00:16:16.300219Z
Modified
2025-05-16T00:16:16.300689Z
Summary
Index-out-of-bounds in tcp_analyze_sequence_number
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=417518224

Crash type: Index-out-of-bounds
Crash state:
tcp_analyze_sequence_number
dissect_tcp
call_dissector_through_handle
References

Affected packages

OSS-Fuzz / wireshark

Package

Name
wireshark
Purl
pkg:generic/wireshark

Affected ranges

Type
GIT
Repo
https://gitlab.com/wireshark/wireshark.git
Events
Introduced
c6f73d5fbcf94a9d6211b046ec8b8991e483fc11
Fixed
76c83894a641ba15e513564bed6c42fb2e59dc02

Affected versions

ssv0.*
ssv0.9.2
ssv0.9.3rc0
v4.*
v4.4.7
v4.4.8
v4.4.8rc0
v4.4.9rc0
wireshark-4.*
wireshark-4.4.7
wireshark-4.4.8

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

fixed_range 
"72159d9d03da535abd8dbc7105b9e95a045b1921:76c83894a641ba15e513564bed6c42fb2e59dc02"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wireshark/OSV-2025-371.yaml"
introduced_range 
"a37b6c166929141a9044abe1520f13bc4894a893:454b1b5da6426f2fa55bfb5e9e575d43991385d3"