CVE-2014-4020
Publication date 18 June 2014
Last updated 24 July 2024
Ubuntu priority
The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Status
Package | Ubuntu Release | Status |
---|---|---|
wireshark | 18.04 LTS bionic |
Fixed 2.6.3-1~ubuntu18.04.1
|
16.04 LTS xenial |
Fixed 2.6.3-1~ubuntu16.04.1
|
|
14.04 LTS trusty |
Fixed 2.6.3-1~ubuntu14.04.1
|
|