PT-2018-12467 · Wireshark+2 · Wireshark+2

Bill Nickless

Published

2018-04-03

Updated

2024-06-15

CVE-2018-14367

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wireshark versions 2.4.0 through 2.4.7 Wireshark versions 2.6.0 through 2.6.1

Description The CoAP protocol dissector in Wireshark could crash due to a NULL condition not being properly checked. This issue was addressed by modifying the epan/dissectors/packet-coap.c file.

Recommendations For Wireshark versions 2.4.0 through 2.4.7, update to a version where the NULL condition in the CoAP protocol dissector is properly checked. For Wireshark versions 2.6.0 through 2.6.1, update to a version where the NULL condition in the CoAP protocol dissector is properly checked.

Fix

Unchecked Return Value

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-252

Related Identifiers

ALT-PU-2018-1549

ALT-PU-2018-2048

ALT-PU-2018-2487

CVE-2018-14367

OPENSUSE-SU-2018_2184-1

OPENSUSE-SU-2020:0362-1

OPENSUSE-SU-2020_0362-1

OPENSUSE-SU-2024:11513-1

SUSE-SU-2018:2301-1

SUSE-SU-2018:2412-1

SUSE-SU-2018:2891-1

SUSE-SU-2018:2891-2

SUSE-SU-2020:0693-1

Affected Products

Alt Linux

Suse

Wireshark

PT-2018-12467 · Wireshark+2 · Wireshark+2

CVE-2018-14367

Weakness Enumeration

Related Identifiers

Affected Products

References · 507