CVE-2018-16056

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

c7239f0201292253817c7c4c9a394a47113ca55c

Last affected

1b3cedbc5fe5b9d8b454a10fcd2046f0d38a9f19

Introduced

5368c50be46d4a44986d12bdfc0a35b42c0f34fc

Last affected

8653a31f6a27170e9c563ea1704f807884ee607a

Introduced

9be0fa500da594ed01baf3214642838d22811c90

Last affected

f5cdbcff1245827929870117a9cc8d012de1aa20

Affected versions

2.*

2.2.1rc0

v2.*

v2.2.0

v2.2.1

v2.2.10

v2.2.10rc0

v2.2.11

v2.2.11rc0

v2.2.12

v2.2.12rc0

v2.2.13

v2.2.13rc0

v2.2.14

v2.2.14rc0

v2.2.15

v2.2.15rc0

v2.2.16

v2.2.16rc0

v2.2.1rc0

v2.2.2

v2.2.2rc0

v2.2.3

v2.2.3rc0

v2.2.4

v2.2.4rc0

v2.2.5

v2.2.5rc0

v2.2.6

v2.2.6rc0

v2.2.7

v2.2.7rc0

v2.2.8

v2.2.8rc0

v2.2.9

v2.2.9rc0

v2.4.0

v2.4.1

v2.4.1rc0

v2.4.2

v2.4.2rc0

v2.4.3

v2.4.3rc0

v2.4.4

v2.4.4rc0

v2.4.5

v2.4.5rc0

v2.4.6

v2.4.6rc0

v2.4.7

v2.4.7rc0

v2.4.8

v2.4.8rc0

v2.6.0

v2.6.1

v2.6.1rc0

v2.6.2

v2.6.2rc0

wireshark-2.*

wireshark-2.2.0

wireshark-2.2.1

wireshark-2.2.10

wireshark-2.2.11

wireshark-2.2.12

wireshark-2.2.13

wireshark-2.2.14

wireshark-2.2.15

wireshark-2.2.16

wireshark-2.2.2

wireshark-2.2.3

wireshark-2.2.4

wireshark-2.2.5

wireshark-2.2.6

wireshark-2.2.7

wireshark-2.2.8

wireshark-2.2.9

wireshark-2.4.0

wireshark-2.4.1

wireshark-2.4.2

wireshark-2.4.3

wireshark-2.4.4

wireshark-2.4.5

wireshark-2.4.6

wireshark-2.4.7

wireshark-2.4.8

wireshark-2.6.0

wireshark-2.6.1

wireshark-2.6.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-16056.json"