CVE-2012-6054

Priority
Description
The dissect_sflow_245_address_type function in
epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x
before 1.8.4 does not properly handle length calculations for an invalid IP
address type, which allows remote attackers to cause a denial of service
(infinite loop) via a packet that is neither IPv4 nor IPv6.
Notes
Package
Upstream:released (1.8.4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (1.10.6-1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1.12.1+g01b65bf-2)
More Information

Updated: 2020-05-07 18:34:04 UTC (commit 3db3e0dddc92f0ed79599b5949ba82bc7a3031ed)