Your submission was sent successfully! Close

CVE-2017-6472

Published: 4 March 2017

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
wireshark
Launchpad, Ubuntu, Debian
artful Not vulnerable
(2.4.2-1)
bionic Not vulnerable

precise Does not exist
(precise was needed)
trusty
Released (1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1)
upstream
Released (2.2.5, 2.0.11)
xenial
Released (2.2.6+g32dac6a-2ubuntu0.16.04)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)