CVE-2015-2189

Priority
Description
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the
pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before
1.12.4 allows remote attackers to cause a denial of service (out-of-bounds
read and application crash) via an invalid Interface Statistics Block (ISB)
interface ID in a crafted packet.
Notes
tyhicksVersion 1.12.0 to 1.12.3, 1.10.0 to 1.10.12 are affected
Package
Upstream:released (1.10.13, 1.12.4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [1.6.7-1])
Ubuntu 14.04 ESM (Trusty Tahr):released (2.6.3-1~ubuntu14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (2.6.3-1~ubuntu16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.6.3-1~ubuntu18.04.1)
More Information

Updated: 2020-09-10 04:40:06 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)