CVE-2017-6014

NameCVE-2017-6014
DescriptionIn Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-826-1
NVD severityhigh (attack range: remote)
Debian Bugs855408

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
wireshark (PTS)wheezy1.8.2-5wheezy18vulnerable
wheezy (security)1.12.1+g01b65bf-4+deb8u6~deb7u6fixed
jessie (security), jessie1.12.1+g01b65bf-4+deb8u10vulnerable
stretch, sid2.2.4+gcc3dc1b-1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
wiresharksource(unstable)(unfixed)high855408
wiresharksourcewheezy1.12.1+g01b65bf-4+deb8u6~deb7u6highDLA-826-1

Notes

[jessie] - wireshark <no-dsa> (Minor issue; Can be fixed along with the next round of Wireshark vulnerabilities)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416

Search for package or bug name: Reporting problems