CVE-2019-16319

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-16319

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16319.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-16319

Related

Published

2019-09-15T16:15:13Z

Modified

2024-09-03T03:33:54.883800Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.

References

Affected packages

Debian:11 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.4-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.4-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.4-1

Ecosystem specific

{
    "urgency": "low"
}

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

937e33de60bcfcd6f68e7250e5e6914ae1d1e1e4

Last affected

6130b92b0ec6d24c22337ac2c7fec9e8a8d60754

Introduced

c7239f0201292253817c7c4c9a394a47113ca55c

Last affected

7ba4efc47fe9953615c751b7758edcaa5c23e332

Affected versions

v2.*

v2.6.0

v2.6.1

v2.6.10

v2.6.10rc0

v2.6.1rc0

v2.6.2

v2.6.2rc0

v2.6.3

v2.6.3rc0

v2.6.4

v2.6.4rc0

v2.6.5

v2.6.5rc0

v2.6.6

v2.6.6rc0

v2.6.7

v2.6.7rc0

v2.6.8

v2.6.8rc0

v2.6.9

v2.6.9rc0

v3.*

v3.0.0

v3.0.1

v3.0.1rc0

v3.0.2

v3.0.2rc0

v3.0.3

v3.0.3rc0

wireshark-2.*

wireshark-2.6.0

wireshark-2.6.1

wireshark-2.6.10

wireshark-2.6.2

wireshark-2.6.3

wireshark-2.6.4

wireshark-2.6.5

wireshark-2.6.6

wireshark-2.6.7

wireshark-2.6.8

wireshark-2.6.9

wireshark-3.*

wireshark-3.0.0

wireshark-3.0.1

wireshark-3.0.2

wireshark-3.0.3