PT-2018-13394 · Wireshark+2 · Wireshark+2

Published

2018-04-03

Updated

2024-06-15

CVE-2018-16058

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wireshark versions 2.2.0 through 2.2.16 Wireshark versions 2.4.0 through 2.4.8 Wireshark versions 2.6.0 through 2.6.2

Description The Bluetooth AVDTP dissector could crash due to improper initialization of a data structure. This issue was addressed by properly initializing the data structure in epan/dissectors/packet-btavdtp.c.

Recommendations For Wireshark versions 2.2.0 through 2.2.16, update to a version where the Bluetooth AVDTP dissector is properly initialized. For Wireshark versions 2.4.0 through 2.4.8, update to a version where the Bluetooth AVDTP dissector is properly initialized. For Wireshark versions 2.6.0 through 2.6.2, update to a version where the Bluetooth AVDTP dissector is properly initialized.

Fix

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-665

Related Identifiers

ALT-PU-2018-1549

ALT-PU-2018-2268

ALT-PU-2018-2487

CVE-2018-16058

DLA-1634-1

DSA-4315-1

MGASA-2018-0370

OPENSUSE-SU-2018_2587-1

OPENSUSE-SU-2018_2628-1

OPENSUSE-SU-2020:0362-1

OPENSUSE-SU-2020_0362-1

OPENSUSE-SU-2024:11513-1

SUSE-SU-2018:2872-1

SUSE-SU-2018:2889-1

SUSE-SU-2018:2891-1

SUSE-SU-2018:2891-2

SUSE-SU-2020:0693-1

Affected Products

Alt Linux

Suse

Wireshark

PT-2018-13394 · Wireshark+2 · Wireshark+2

CVE-2018-16058

Weakness Enumeration

Related Identifiers

Affected Products

References · 529