CVE-2019-13619
- Source
- https://cve.org/CVERecord?id=CVE-2019-13619
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-13619.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-13619
- Downstream
- Related
- Published
- 2019-07-17T20:15:11.617Z
- Modified
- 2026-02-12T07:29:10.216091Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.
- References
-
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7e90aed666e809c0db5de9d1816802a7dcea28d9
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JY52XAC2UNC4X4ZPIXYMK5SVXV2PO5I3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q4QVJALLGVVC7MBUT4B4SHQVDXGJKGI7/
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00068.html
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html
- http://www.securityfocus.com/bid/109293
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15870
- https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html
- https://usn.ubuntu.com/4133-1/
- https://www.wireshark.org/security/wnpa-sec-2019-20.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15870
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00068.html
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html
- https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15870
Affected packages
Git
github.com/libarchive/libarchive
github.com/wireshark/wireshark
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wireshark/wireshark
- Events
-
IntroducedLast affectedIntroducedLast affectedIntroducedLast affected
Affected versions
v2.*
v2.4.0
v2.4.1
v2.4.10
v2.4.10rc0
v2.4.11
v2.4.11rc0
v2.4.12
v2.4.12rc0
v2.4.13
v2.4.13rc0
v2.4.14
v2.4.14rc0
v2.4.15
v2.4.15rc0
v2.4.16
v2.4.16rc0
v2.4.17rc0
v2.4.1rc0
v2.4.2
v2.4.2rc0
v2.4.3
v2.4.3rc0
v2.4.4
v2.4.4rc0
v2.4.5
v2.4.5rc0
v2.4.6
v2.4.6rc0
v2.4.7
v2.4.7rc0
v2.4.8
v2.4.8rc0
v2.4.9
v2.4.9rc0
v2.6.0
v2.6.1
v2.6.10
v2.6.10rc0
v2.6.11
v2.6.11rc0
v2.6.12
v2.6.12rc0
v2.6.13
v2.6.13rc0
v2.6.14
v2.6.14rc0
v2.6.15
v2.6.15rc0
v2.6.16
v2.6.16rc0
v2.6.17
v2.6.17rc0
v2.6.18
v2.6.18rc0
v2.6.19
v2.6.19rc0
v2.6.1rc0
v2.6.2
v2.6.20
v2.6.20rc0
v2.6.21rc0
v2.6.2rc0
v2.6.3
v2.6.3rc0
v2.6.4
v2.6.4rc0
v2.6.5
v2.6.5rc0
v2.6.6
v2.6.6rc0
v2.6.7
v2.6.7rc0
v2.6.8
v2.6.8rc0
v2.6.9
v2.6.9rc0
v3.*
v3.0.0
v3.0.1
v3.0.10
v3.0.10rc0
v3.0.11
v3.0.11rc0
v3.0.12
v3.0.12rc0
v3.0.13
v3.0.13rc0
v3.0.14
v3.0.14rc0
v3.0.15rc0
v3.0.1rc0
v3.0.2
v3.0.2rc0
v3.0.3
v3.0.3rc0
v3.0.4
v3.0.4rc0
v3.0.5
v3.0.5rc0
v3.0.6
v3.0.6rc0
v3.0.7
v3.0.7rc0
v3.0.8
v3.0.8rc0
v3.0.9
v3.0.9rc0
wireshark-2.*
wireshark-2.4.0
wireshark-2.4.1
wireshark-2.4.10
wireshark-2.4.11
wireshark-2.4.12
wireshark-2.4.13
wireshark-2.4.14
wireshark-2.4.15
wireshark-2.4.16
wireshark-2.4.2
wireshark-2.4.3
wireshark-2.4.4
wireshark-2.4.5
wireshark-2.4.6
wireshark-2.4.7
wireshark-2.4.8
wireshark-2.4.9
wireshark-2.6.0
wireshark-2.6.1
wireshark-2.6.10
wireshark-2.6.11
wireshark-2.6.12
wireshark-2.6.13
wireshark-2.6.14
wireshark-2.6.15
wireshark-2.6.16
wireshark-2.6.17
wireshark-2.6.18
wireshark-2.6.19
wireshark-2.6.2
wireshark-2.6.20
wireshark-2.6.3
wireshark-2.6.4
wireshark-2.6.5
wireshark-2.6.6
wireshark-2.6.7
wireshark-2.6.8
wireshark-2.6.9
wireshark-3.*
wireshark-3.0.0
wireshark-3.0.1
wireshark-3.0.10
wireshark-3.0.11
wireshark-3.0.12
wireshark-3.0.13
wireshark-3.0.14
wireshark-3.0.2
wireshark-3.0.3
wireshark-3.0.4
wireshark-3.0.5
wireshark-3.0.6
wireshark-3.0.7
wireshark-3.0.8
wireshark-3.0.9