CVE-2019-13619

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-13619
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-13619.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-13619
Downstream
Related
Published
2019-07-17T20:15:11.617Z
Modified
2026-04-16T00:08:03.151103071Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.

Database specific 
{
    "unresolved_ranges": [
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "16.04"
                }
            ],
            "source": "CPE_FIELD"
        },
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "18.04"
                }
            ],
            "source": "CPE_FIELD"
        },
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "19.04"
                }
            ],
            "source": "CPE_FIELD"
        },
        {
            "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "9.0"
                }
            ],
            "source": "CPE_FIELD"
        },
        {
            "cpe": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "29"
                }
            ],
            "source": "CPE_FIELD"
        },
        {
            "cpe": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "30"
                }
            ],
            "source": "CPE_FIELD"
        },
        {
            "cpe": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "15.0"
                }
            ],
            "source": "CPE_FIELD"
        },
        {
            "cpe": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "15.1"
                }
            ],
            "source": "CPE_FIELD"
        }
    ]
}
References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events
Introduced
9be0fa500da594ed01baf3214642838d22811c90
Last affected
717fb6bbb7745063275f4bb28f4b1b87ea6111ce
Introduced
c7239f0201292253817c7c4c9a394a47113ca55c
Last affected
f1627e90c1292405b238aae0c19b5ac52dfa38ad
Introduced
937e33de60bcfcd6f68e7250e5e6914ae1d1e1e4
Last affected
621ed351d5c9d002150823ec8bc845f5e9b41c6d
Database specific 
{
    "cpe": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "2.4.0"
        },
        {
            "last_affected": "2.4.15"
        },
        {
            "introduced": "2.6.0"
        },
        {
            "last_affected": "2.6.9"
        },
        {
            "introduced": "3.0.0"
        },
        {
            "last_affected": "3.0.2"
        }
    ],
    "source": "CPE_FIELD"
}

Affected versions

v2.*
v2.4.0
v2.4.1
v2.4.10
v2.4.10rc0
v2.4.11
v2.4.11rc0
v2.4.12
v2.4.12rc0
v2.4.13
v2.4.13rc0
v2.4.14
v2.4.14rc0
v2.4.15
v2.4.15rc0
v2.4.1rc0
v2.4.2
v2.4.2rc0
v2.4.3
v2.4.3rc0
v2.4.4
v2.4.4rc0
v2.4.5
v2.4.5rc0
v2.4.6
v2.4.6rc0
v2.4.7
v2.4.7rc0
v2.4.8
v2.4.8rc0
v2.4.9
v2.4.9rc0
v2.6.0
v2.6.1
v2.6.1rc0
v2.6.2
v2.6.2rc0
v2.6.3
v2.6.3rc0
v2.6.4
v2.6.4rc0
v2.6.5
v2.6.5rc0
v2.6.6
v2.6.6rc0
v2.6.7
v2.6.7rc0
v2.6.8
v2.6.8rc0
v2.6.9
v2.6.9rc0
v3.*
v3.0.0
v3.0.1
v3.0.1rc0
v3.0.2
v3.0.2rc0
wireshark-2.*
wireshark-2.4.0
wireshark-2.4.1
wireshark-2.4.10
wireshark-2.4.11
wireshark-2.4.12
wireshark-2.4.13
wireshark-2.4.14
wireshark-2.4.15
wireshark-2.4.2
wireshark-2.4.3
wireshark-2.4.4
wireshark-2.4.5
wireshark-2.4.6
wireshark-2.4.7
wireshark-2.4.8
wireshark-2.4.9
wireshark-2.6.0
wireshark-2.6.1
wireshark-2.6.2
wireshark-2.6.3
wireshark-2.6.4
wireshark-2.6.5
wireshark-2.6.6
wireshark-2.6.7
wireshark-2.6.8
wireshark-2.6.9
wireshark-3.*
wireshark-3.0.0
wireshark-3.0.1
wireshark-3.0.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-13619.json"