CVE-2015-3813

Publication date 26 May 2015

Last updated 24 July 2024


Ubuntu priority

The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet.

Status

Package Ubuntu Release Status
wireshark 15.04 vivid
Fixed 1.12.1+g01b65bf-4+deb8u1build0.15.04.1
14.10 utopic Ignored end of life
14.04 LTS trusty
Not affected
12.04 LTS precise
Not affected

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
wireshark