First published: Wed Dec 27 2017(Updated: )
The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Wireshark Wireshark | <=2.2.11 | |
Debian Debian Linux | =8.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.