Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-8727Improper Input Validation in Wireshark

CWE-20Improper Input ValidationCWE-416Use After Free7 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.8%
top 26.40%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
WiresharkDebian Wireshark
Timeline
PublishedJan 4
Latest updateMay 17

Description

The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

debiandebian/wireshark< wireshark 2.0.1+g59ea380-1 (bookworm)
Debianwireshark/wireshark< 2.0.1+g59ea380-1+3
NVDwireshark/wireshark10 versions+9

🔴Vulnerability Details

2
GHSA
GHSA-8rvv-cjfc-5wj7: The dissect_rsvp_common function in epan/dissectors/packet-rsvp2022-05-17
OSV
CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp2016-01-04

💥Exploits & PoCs

1
Exploit-DB
Wireshark - addresses_equal 'dissect_rsvp_common' Use-After-Free2015-12-16

📋Vendor Advisories

2
Red Hat
wireshark: RSVP dissector crash (wnpa-sec-2015-45)2015-12-29
Debian
CVE-2015-8727: wireshark - The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP di...2015

💬Community

1
Bugzilla
CVE-2015-8727 wireshark: RSVP dissector crash (wnpa-sec-2015-45)2016-01-06