CVE-2018-9260

CVE-2018-9260

Name

CVE-2018-9260

Description

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash. This was addressed in epan/dissectors/packet-ieee802154.c by ensuring that an allocation step occurs.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Vendor Advisory	https://www.wireshark.org/security/wnpa-sec-2018-17.html
Patch	https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=14d6f717d8ea27688af48532edb1d29f502ea8f0
Exploit	https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14468
Mailing List	https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html
Mailing List	https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html

Type

URI

Vendor Advisory

https://www.wireshark.org/security/wnpa-sec-2018-17.html

Patch

https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=14d6f717d8ea27688af48532edb1d29f502ea8f0

Exploit

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14468

Mailing List

https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html

Mailing List

https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html