The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
{ "availability": "No subscription required", "ubuntu_priority": "negligible", "binaries": [ { "binary_version": "1.10.6-1", "binary_name": "libwireshark-data" }, { "binary_version": "1.10.6-1", "binary_name": "libwireshark-dev" }, { "binary_version": "1.10.6-1", "binary_name": "libwireshark3" }, { "binary_version": "1.10.6-1", "binary_name": "libwiretap-dev" }, { "binary_version": "1.10.6-1", "binary_name": "libwiretap3" }, { "binary_version": "1.10.6-1", "binary_name": "libwsutil-dev" }, { "binary_version": "1.10.6-1", "binary_name": "libwsutil3" }, { "binary_version": "1.10.6-1", "binary_name": "tshark" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark-common" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark-dbg" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark-dev" }, { "binary_version": "1.10.6-1", "binary_name": "wireshark-doc" } ] }