Candidate: CVE-2015-3813
PublicDate: 2015-05-26 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3813
 https://www.wireshark.org/security/wnpa-sec-2015-16.html
Description:
 The fragment_add_work function in epan/reassemble.c in the
 packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not
 properly determine the defragmentation state in a case of an insufficient
 snapshot length, which allows remote attackers to cause a denial of service
 (memory consumption) via a crafted packet.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11129
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_wireshark:
 upstream: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35f2ccb4433718416551cc7a85afb0860529d57
upstream_wireshark: released (1.12.5+g5819e5b-1)
precise_wireshark: not-affected
trusty_wireshark: not-affected (1.10.6-1)
trusty/esm_wireshark: not-affected (1.10.6-1)
utopic_wireshark: ignored (reached end-of-life)
vivid_wireshark: released (1.12.1+g01b65bf-4+deb8u1build0.15.04.1)
devel_wireshark: not-affected (1.12.5+g5819e5b-1)