CVE-2015-7830 — Improper Input Validation in Wireshark

CWE-20 — Improper Input Validation CWE-704 — Incorrect Type Conversion or Cast CWE-480 — Use of Incorrect Operator8 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

0.6%

top 31.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Oracle Solaris

Timeline

PublishedNov 15

Latest updateMay 17

Description

The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶Debianwireshark/wireshark< 1.12.8+g5b6e543-1+3

▶NVDwireshark/wireshark8 versions+7

▶NVDoracle/solaris11.3

🔴Vulnerability Details

GHSA

GHSA-j6qh-h5qv-hv5v: The pcapng_read_if_descr_block function in wiretap/pcapng↗2022-05-17

▶

OSV

CVE-2015-7830: The pcapng_read_if_descr_block function in wiretap/pcapng↗2015-11-15

▶

CVEList

CVE-2015-7830: The pcapng_read_if_descr_block function in wiretap/pcapng↗2015-11-15

▶

📋Vendor Advisories

Red Hat

wireshark: Pcapng file parser crash↗2015-10-14

▶

Debian

CVE-2015-7830: wireshark - The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser...↗2015

▶

💬Community

Bugzilla

CVE-2015-7830 wireshark: Pcapng file parser crash [fedora-all]↗2015-10-15

▶

Bugzilla

CVE-2015-7830 wireshark: Pcapng file parser crash↗2015-10-15

▶