CVE-2019-5717

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-5717
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-5717.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-5717
Downstream
Related
Published
2019-01-08T23:29:00.373Z
Modified
2026-04-11T12:20:21.357434Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the PMUL dissector could crash. This was addressed in epan/dissectors/packet-pmul.c by rejecting the invalid sequence number of zero.

Database specific 
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "cpe": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "9.0"
                }
            ],
            "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        }
    ]
}
References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events
Introduced
9be0fa500da594ed01baf3214642838d22811c90
Last affected
a6cc2066cf056baae5dbb3b354f2f1f9fd065f0e
Introduced
c7239f0201292253817c7c4c9a394a47113ca55c
Last affected
f766965a0d7d77f6553a9b541d04bbe438fb9399
Database specific 
{
    "extracted_events": [
        {
            "introduced": "2.4.0"
        },
        {
            "last_affected": "2.4.11"
        },
        {
            "introduced": "2.6.0"
        },
        {
            "last_affected": "2.6.5"
        }
    ],
    "cpe": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
    "source": "CPE_FIELD"
}

Affected versions

v2.*
v2.4.0
v2.4.1
v2.4.10
v2.4.10rc0
v2.4.11
v2.4.11rc0
v2.4.1rc0
v2.4.2
v2.4.2rc0
v2.4.3
v2.4.3rc0
v2.4.4
v2.4.4rc0
v2.4.5
v2.4.5rc0
v2.4.6
v2.4.6rc0
v2.4.7
v2.4.7rc0
v2.4.8
v2.4.8rc0
v2.4.9
v2.4.9rc0
v2.6.0
v2.6.1
v2.6.1rc0
v2.6.2
v2.6.2rc0
v2.6.3
v2.6.3rc0
v2.6.4
v2.6.4rc0
v2.6.5
v2.6.5rc0
wireshark-2.*
wireshark-2.4.0
wireshark-2.4.1
wireshark-2.4.10
wireshark-2.4.11
wireshark-2.4.2
wireshark-2.4.3
wireshark-2.4.4
wireshark-2.4.5
wireshark-2.4.6
wireshark-2.4.7
wireshark-2.4.8
wireshark-2.4.9
wireshark-2.6.0
wireshark-2.6.1
wireshark-2.6.2
wireshark-2.6.3
wireshark-2.6.4
wireshark-2.6.5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-5717.json"