vulnerability
Oracle Linux: CVE-2018-19622: ELSA-2020-1047: wireshark security and bug fix update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Nov 27, 2018 | Oct 5, 2022 | Dec 3, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Nov 27, 2018
Added
Oct 5, 2022
Modified
Dec 3, 2025
Description
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.
A vulnerability in MMSE dissector allows Wireshark to loop infinitely when parsing a specially crafted pcap file. Remote attacker could cause a denial of service to Wireshark by injecting malicious packets into the network that are automatically processed.
A vulnerability in MMSE dissector allows Wireshark to loop infinitely when parsing a specially crafted pcap file. Remote attacker could cause a denial of service to Wireshark by injecting malicious packets into the network that are automatically processed.
Solutions
oracle-linux-upgrade-wiresharkoracle-linux-upgrade-wireshark-develoracle-linux-upgrade-wireshark-gnome
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.