CVE-2016-9373 — Use After Free in Wireshark

CWE-416 — Use After Free6 documents6 sources

Severity

5.9MEDIUMNVD

EPSS

1.2%

top 20.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark Debian Linux

Timeline

PublishedNov 17

Latest updateMay 17

Description

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 2.2.2+g9c5aae3-1 (bookworm)

▶Debianwireshark/wireshark< 2.2.2+g9c5aae3-1+3

▶NVDwireshark/wireshark10 versions+9

Also affects: Debian Linux 8.0

🔴Vulnerability Details

GHSA

GHSA-28c2-hmwc-85x2: In Wireshark 2↗2022-05-17

▶

OSV

CVE-2016-9373: In Wireshark 2↗2016-11-17

▶

📋Vendor Advisories

Red Hat

wireshark: DCERPC crash (wnpa-sec-2016-61)↗2016-11-16

▶

Debian

CVE-2016-9373: wireshark - In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash...↗2016

▶

💬Community

Bugzilla

CVE-2016-9373 wireshark: DCERPC crash (wnpa-sec-2016-61)↗2016-11-18

▶