CVE-2018-11357
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-11357
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-11357.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-11357
- Related
- Published
- 2018-05-22T21:29:00Z
- Modified
- 2025-01-08T04:59:19.051379Z
- Downstream
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
- References
-
- http://www.securityfocus.com/bid/104308
- http://www.securitytracker.com/id/1041036
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14678
- https://www.wireshark.org/security/wnpa-sec-2018-28.html
- https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=ab8a33ef083b9732c89117747a83a905a676faf6
- https://security.alpinelinux.org/vuln/CVE-2018-11357
- https://security-tracker.debian.org/tracker/CVE-2018-11357
Affected packages
Alpine:v3.5 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:apk/alpine/wireshark?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.2.15-r0
Affected versions
1.*
1.2.1-r0
1.2.2-r0
1.2.4-r0
1.2.6-r0
1.2.6-r1
1.2.6-r2
1.2.8-r0
1.2.9-r0
1.2.10-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.6-r0
1.4.7-r0
1.6.0-r0
1.6.0-r1
1.6.1-r0
1.6.2-r0
1.6.3-r0
1.6.4-r0
1.6.5-r0
1.6.6-r0
1.6.6-r1
1.6.8-r0
1.6.8-r1
1.8.1-r0
1.8.2-r0
1.8.3-r0
1.8.4-r0
1.8.5-r0
1.8.6-r0
1.8.7-r0
1.10.0-r0
1.10.1-r0
1.10.2-r0
1.10.2-r1
1.10.3-r0
1.10.3-r1
1.10.4-r0
1.10.5-r0
1.10.5-r1
1.10.6-r0
1.10.7-r0
1.10.8-r0
1.12.0-r0
1.12.0-r1
1.12.1-r0
1.12.1-r1
1.12.2-r0
1.12.3-r0
1.12.4-r0
1.12.4-r1
1.12.5-r0
1.12.7-r0
1.12.8-r0
2.*
2.0.0-r0
2.0.1-r0
2.0.2-r0
2.0.3-r0
2.0.4-r0
2.0.5-r0
2.2.0-r0
2.2.0-r1
2.2.2-r0
2.2.3-r0
2.2.4-r0
2.2.4-r1
2.2.5-r0
2.2.6-r0
2.2.7-r0
2.2.8-r0
2.2.10-r0
2.2.11-r0
2.2.12-r0
2.2.14-r0
Debian:11 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:deb/debian/wireshark?arch=source
Debian:12 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:deb/debian/wireshark?arch=source
Debian:13 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:deb/debian/wireshark?arch=source
Git / github.com/wireshark/wireshark
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wireshark/wireshark
- Events
-
IntroducedLast affectedLast affectedIntroducedLast affected
Affected versions
2.*
2.2.1rc0
v2.*
v2.2.0
v2.2.1
v2.2.10
v2.2.10rc0
v2.2.11
v2.2.11rc0
v2.2.12
v2.2.12rc0
v2.2.13
v2.2.13rc0
v2.2.14
v2.2.14rc0
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
v2.2.5
v2.2.5rc0
v2.2.6
v2.2.6rc0
v2.2.7
v2.2.7rc0
v2.2.8
v2.2.8rc0
v2.2.9
v2.2.9rc0
v2.4.0
v2.4.1
v2.4.1rc0
v2.4.2
v2.4.2rc0
v2.4.3
v2.4.3rc0
v2.4.4
v2.4.4rc0
v2.4.5
v2.4.5rc0
v2.4.6
v2.4.6rc0
wireshark-2.*
wireshark-2.2.0
wireshark-2.2.1
wireshark-2.2.10
wireshark-2.2.11
wireshark-2.2.12
wireshark-2.2.13
wireshark-2.2.14
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4
wireshark-2.2.5
wireshark-2.2.6
wireshark-2.2.7
wireshark-2.2.8
wireshark-2.2.9
wireshark-2.4.0
wireshark-2.4.1
wireshark-2.4.2
wireshark-2.4.3
wireshark-2.4.4
wireshark-2.4.5
wireshark-2.4.6