In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 04:22
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/108464 - Broken Link | |
References | () https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778 - Issue Tracking, Patch, Vendor Advisory | |
References | () https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7b6e197da4c497e229ed3ebf6952bae5c426a820 - | |
References | () https://lists.debian.org/debian-lts-announce/2020/10/msg00036.html - Mailing List, Third Party Advisory | |
References | () https://support.f5.com/csp/article/K06725231 - Third Party Advisory | |
References | () https://support.f5.com/csp/article/K06725231?utm_source=f5support&%3Butm_medium=RSS - | |
References | () https://usn.ubuntu.com/4133-1/ - Third Party Advisory | |
References | () https://www.wireshark.org/security/wnpa-sec-2019-19.html - Vendor Advisory |
03 May 2022, 14:27
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00036.html - Mailing List, Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/108464 - Broken Link | |
References | (UBUNTU) https://usn.ubuntu.com/4133-1/ - Third Party Advisory | |
References | (CONFIRM) https://support.f5.com/csp/article/K06725231?utm_source=f5support&utm_medium=RSS - Third Party Advisory | |
References | (CONFIRM) https://support.f5.com/csp/article/K06725231 - Third Party Advisory | |
CWE | CWE-674 | |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_webaccelerator:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_edge_gateway:15.1.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* |
Information
Published : 2019-05-23 12:29
Updated : 2024-11-21 04:22
NVD link : CVE-2019-12295
Mitre link : CVE-2019-12295
CVE.ORG link : CVE-2019-12295
JSON object : View
Products Affected
f5
- big-ip_application_security_manager
- big-ip_application_acceleration_manager
- big-ip_global_traffic_manager
- big-ip_policy_enforcement_manager
- big-ip_edge_gateway
- big-ip_domain_name_system
- big-ip_fraud_protection_service
- big-ip_link_controller
- big-ip_local_traffic_manager
- big-ip_webaccelerator
- big-ip_advanced_firewall_manager
- big-ip_access_policy_manager
- big-ip_analytics
canonical
- ubuntu_linux
debian
- debian_linux
wireshark
- wireshark
CWE
CWE-674
Uncontrolled Recursion