Bug 1581773 (CVE-2018-11358)
| Summary: | CVE-2018-11358 wireshark: Use after free in packet-q931.c | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Laura Pardo <lpardo> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | denis, huzaifas, lemenkov, mruprich, msehnout, phatina, tcullum |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | wireshark 2.6.1, wireshark 2.4.7, wireshark 2.2.15 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A use-after-free flaw was found in the code responsible for processing packages from Q.931 protocol, in wireshark. An attacker can send specially crafted packages over the network which, when received, would cause an application to crash, or potentially, corrupt information.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-06-29 19:57:46 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1581754, 1581791, 1591489 | ||
| Bug Blocks: | 1581792 | ||
|
Description
Laura Pardo
2018-05-23 15:28:37 UTC
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1581754] |