CVE-2018-7420

CVE-2018-7420

Name

CVE-2018-7420

Description

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Vendor Advisory	https://www.wireshark.org/security/wnpa-sec-2018-11.html
Patch	https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=129e41f9f63885ad8224ef413c2860788fb9e849
Issue Tracking	https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403
Third Party Advisory	http://www.securityfocus.com/bid/103163
Mailing List	https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html
Mailing List	https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html

Type

URI

Vendor Advisory

https://www.wireshark.org/security/wnpa-sec-2018-11.html

Patch

https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=129e41f9f63885ad8224ef413c2860788fb9e849

Issue Tracking

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403

Third Party Advisory

http://www.securityfocus.com/bid/103163

Mailing List

https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html