CVE-2018-9261
- Source
- https://cve.org/CVERecord?id=CVE-2018-9261
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-9261.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-9261
- Downstream
- Related
- Published
- 2018-04-04T07:29:00.767Z
- Modified
- 2026-04-16T01:39:11.188243230Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "7.0" } ], "cpe": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "8.0" } ], "cpe": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "9.0" } ], "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" } ] }- References
-
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=66bc372716e04d6a8afdf6712583c9b5d11fee55
- https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html
- https://www.debian.org/security/2018/dsa-4217
- https://www.wireshark.org/security/wnpa-sec-2018-18.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14471
Affected packages
Git / github.com/wireshark/wireshark
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wireshark/wireshark
- Events
-
IntroducedLast affectedIntroducedLast affected
- Database specific
{ "source": "CPE_FIELD", "extracted_events": [ { "introduced": "2.2.0" }, { "last_affected": "2.2.13" }, { "introduced": "2.4.0" }, { "last_affected": "2.4.5" } ], "cpe": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*" }
Affected versions
2.*
2.2.1rc0
v2.*
v2.2.0
v2.2.1
v2.2.10
v2.2.10rc0
v2.2.11
v2.2.11rc0
v2.2.12
v2.2.12rc0
v2.2.13
v2.2.13rc0
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
v2.2.5
v2.2.5rc0
v2.2.6
v2.2.6rc0
v2.2.7
v2.2.7rc0
v2.2.8
v2.2.8rc0
v2.2.9
v2.2.9rc0
v2.4.0
v2.4.1
v2.4.1rc0
v2.4.2
v2.4.2rc0
v2.4.3
v2.4.3rc0
v2.4.4
v2.4.4rc0
v2.4.5
v2.4.5rc0
wireshark-2.*
wireshark-2.2.0
wireshark-2.2.1
wireshark-2.2.10
wireshark-2.2.11
wireshark-2.2.12
wireshark-2.2.13
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4
wireshark-2.2.5
wireshark-2.2.6
wireshark-2.2.7
wireshark-2.2.8
wireshark-2.2.9
wireshark-2.4.0
wireshark-2.4.1
wireshark-2.4.2
wireshark-2.4.3
wireshark-2.4.4
wireshark-2.4.5