CVE-2017-7748

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-7748
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7748.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-7748
Downstream
Related
Published
2017-04-12T23:59:00.497Z
Modified
2025-11-14T05:19:16.200711Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0ad795bc8c4e98c9cd49b5609df19ccce2640666
Last affected
440fd4d501cf0e5aa319a97d0f874641d733e4a1
Last affected
5368c50be46d4a44986d12bdfc0a35b42c0f34fc
Last affected
57531cdd46cf170524c1fbbfd2c44132bb36e7c6
Last affected
59ea380c69dca2bc2f97fa97c1bf410bbcd2411c
Last affected
611e0b78a0b93c1e29fd9a629ad4e91994ae1b13
Last affected
775fb085cdfebafa565c5b428f0a130d82dbefcb
Last affected
9a73b827b22c7ce9132e939b9f07ec4425fc2aa6
Last affected
9af92735baf48cac9779176a9319f6a5c1115cb6
Last affected
a16e22ed9cbbc599fe8b7b8e40a6696a0138c489
Last affected
a3be9c6de540ae1fade63568cc77d928b3c52ef7
Last affected
a6fbd278e2d72ed3524995464c86929b51867802
Last affected
b2423a12c30165075e9d0d033da7d562e0efc05b
Last affected
cc3dc1b648d341a489fb95faef3795d8cb2b6192
Last affected
d0e42d78193cfacd1022656cd8dad7fc222e6dbc
Last affected
daac0f493f09ff68e194a30bf0f5318db96b99cd
Last affected
dd7746e6f1b034048cd986ca6f44291e712cc1fc
Last affected
eed34f0ac6696c053585ddf75c5805b3d5b395cf

Affected versions

2.*

2.2.1rc0

Other

backups/ethereal@18706
ethereal-0-3-15
start

ethereal-0.*

ethereal-0.3.15

v1.*

v1.11.0
v1.11.0-rc1
v1.11.1
v1.11.1-rc1
v1.11.2
v1.11.2-rc1
v1.11.3
v1.11.3-rc1
v1.11.4-rc1
v1.99.0
v1.99.0-rc1
v1.99.1
v1.99.10rc0
v1.99.1rc0
v1.99.2
v1.99.2rc0
v1.99.3
v1.99.3rc0
v1.99.4
v1.99.4rc0
v1.99.5
v1.99.5rc0
v1.99.6
v1.99.6rc0
v1.99.7
v1.99.7rc0
v1.99.8
v1.99.8rc0
v1.99.9
v1.99.9rc0

v2.*

v2.0.0
v2.0.0rc0
v2.0.0rc1
v2.0.0rc2
v2.0.0rc3
v2.0.1
v2.0.10
v2.0.10rc0
v2.0.1rc0
v2.0.2
v2.0.2rc0
v2.0.3
v2.0.3rc0
v2.0.4
v2.0.4rc0
v2.0.5
v2.0.5rc0
v2.0.6
v2.0.6rc0
v2.0.7
v2.0.7rc0
v2.0.8
v2.0.8rc0
v2.0.9
v2.0.9rc0
v2.1.0
v2.1.0rc0
v2.1.1
v2.1.1rc0
v2.1.2rc0
v2.2.0
v2.2.0rc0
v2.2.0rc1
v2.2.0rc2
v2.2.1
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
v2.2.5
v2.2.5rc0

wireshark-1.*

wireshark-1.11.3
wireshark-1.99.0
wireshark-1.99.1
wireshark-1.99.2
wireshark-1.99.3
wireshark-1.99.4
wireshark-1.99.5
wireshark-1.99.6
wireshark-1.99.7
wireshark-1.99.8
wireshark-1.99.9

wireshark-2.*

wireshark-2.0.0
wireshark-2.0.1
wireshark-2.0.10
wireshark-2.0.2
wireshark-2.0.3
wireshark-2.0.4
wireshark-2.0.5
wireshark-2.0.6
wireshark-2.0.7
wireshark-2.0.8
wireshark-2.0.9
wireshark-2.1.0
wireshark-2.1.1
wireshark-2.2.0
wireshark-2.2.0rc1
wireshark-2.2.0rc2
wireshark-2.2.1
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4
wireshark-2.2.5

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7748.json"