The dissectpftfec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.10.6-1", "binary_name": "libwireshark-data" }, { "binary_version": "1.10.6-1", "binary_name": "libwireshark-dev" }, { "binary_version": "1.10.6-1", "binary_name": "libwireshark3" }, { "binary_version": "1.10.6-1", "binary_name": "libwiretap-dev" }, { "binary_version": "1.10.6-1", "binary_name": "libwiretap3" }, { "binary_version": "1.10.6-1", "binary_name": "libwsutil-dev" }, { "binary_version": "1.10.6-1", "binary_name": "libwsutil3" }, { "binary_version": "1.10.6-1", "binary_name": "tshark" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark-common" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark-dbg" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark-dev" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark-doc" } ] }