CVE-2017-15191

In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

5368c50be46d4a44986d12bdfc0a35b42c0f34fc

Last affected

34f34aa504c473a12024d5377dbe7924403aa387

Introduced

9a73b827b22c7ce9132e939b9f07ec4425fc2aa6

Last affected

761c84595854309903e284e574dad28c7632c0ba

Introduced

9be0fa500da594ed01baf3214642838d22811c90

Last affected

f42a0d2b6c659aff0390ab28e91bdd37423fe164

Affected versions

2.*

2.2.1rc0

v2.*

v2.0.0

v2.0.1

v2.0.10

v2.0.10rc0

v2.0.11

v2.0.11rc0

v2.0.12

v2.0.12rc0

v2.0.13

v2.0.13rc0

v2.0.14

v2.0.14rc0

v2.0.15

v2.0.15rc0

v2.0.1rc0

v2.0.2

v2.0.2rc0

v2.0.3

v2.0.3rc0

v2.0.4

v2.0.4rc0

v2.0.5

v2.0.5rc0

v2.0.6

v2.0.6rc0

v2.0.7

v2.0.7rc0

v2.0.8

v2.0.8rc0

v2.0.9

v2.0.9rc0

v2.2.0

v2.2.1

v2.2.1rc0

v2.2.2

v2.2.2rc0

v2.2.3

v2.2.3rc0

v2.2.4

v2.2.4rc0

v2.2.5

v2.2.5rc0

v2.2.6

v2.2.6rc0

v2.2.7

v2.2.7rc0

v2.2.8

v2.2.8rc0

v2.2.9

v2.2.9rc0

v2.4.0

v2.4.1

v2.4.1rc0

wireshark-2.*

wireshark-2.0.0

wireshark-2.0.1

wireshark-2.0.10

wireshark-2.0.11

wireshark-2.0.12

wireshark-2.0.13

wireshark-2.0.14

wireshark-2.0.15

wireshark-2.0.2

wireshark-2.0.3

wireshark-2.0.4

wireshark-2.0.5

wireshark-2.0.6

wireshark-2.0.7

wireshark-2.0.8

wireshark-2.0.9

wireshark-2.2.0

wireshark-2.2.1

wireshark-2.2.2

wireshark-2.2.3

wireshark-2.2.4

wireshark-2.2.5

wireshark-2.2.6

wireshark-2.2.7

wireshark-2.2.8

wireshark-2.2.9

wireshark-2.4.0

wireshark-2.4.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-15191.json"