CVE-2015-3812

Publication date 26 May 2015

Last updated 24 July 2024

Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
wireshark	18.04 LTS bionic	Fixed 2.6.3-1~ubuntu18.04.1
	17.10 artful	Not affected
	17.04 zesty	Not affected
	16.10 yakkety	Not affected
	16.04 LTS xenial	Fixed 2.6.3-1~ubuntu16.04.1
	15.10 wily	Not affected
	15.04 vivid	Fixed 1.12.1+g01b65bf-4+deb8u1build0.15.04.1
	14.10 utopic	Ignored end of life
	14.04 LTS trusty	Fixed 2.6.3-1~ubuntu14.04.1
	12.04 LTS precise	Ignored end of life

Notes

tyhicks

"Affected versions: 1.12.0 to 1.12.4, 1.10.0 to 1.10.13"

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
wireshark	Upstream: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8ccc2a6add29823a0ff0492fc50372449007e7b

CVE-2015-3812

Status

Notes

tyhicks

Patch details

References

Other references