CVE-2015-7830

Name of the Vulnerable Software and Affected Versions Wireshark versions 1.12.x through 1.12.7

Description The issue is related to the pcapng parser in Wireshark, where the pcapng read if descr block function uses too many levels of pointer indirection. This allows remote attackers to cause a denial of service, resulting in an incorrect free and application crash, via a crafted packet that triggers interface-filter copying. The problem can also be described as a remote code execution vulnerability due to an arbitrary free in the PCAPNG if filter. A malformed packet can cause a denial of service.

Recommendations For Wireshark versions 1.12.x through 1.12.7, update to version 1.12.8 or later to resolve the issue. As a temporary workaround, consider disabling the pcapng file parser until a patch is available. Restrict access to crafted packets to minimize the risk of exploitation.