CVE-2015-7830

Published: 15 November 2015

The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.

Priority

Low

Status

Package Release Status
wireshark
Launchpad, Ubuntu, Debian
Upstream
Released (1.12.8)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(1.12.7+g7fc8978-1)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(1.10.6-1)