CVE-2015-3810

Published: 26 May 2015

epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet.

Priority

Low

Status

Package Release Status
wireshark
Launchpad, Ubuntu, Debian
Upstream
Released (1.12.5+g5819e5b-1)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(1.10.6-1)
Patches:
Upstream: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0