Search CVE reports
241 – 250 of 893 results
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | — | — | Not affected | Not affected | Fixed |
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | — | — | Not affected | Not affected | Fixed |
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | — | — | Not affected | Not affected | Fixed |
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | — | — | Not affected | Not affected | Fixed |
Some fixes available 3 of 80
An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources.
8 affected packages
exactimage, kodi, xbmc, libraw, ufraw...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
Some fixes available 3 of 80
An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop.
8 affected packages
darktable, libraw, dcraw, ufraw, xbmc...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
Some fixes available 3 of 80
A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.
8 affected packages
ufraw, kodi, darktable, dcraw, exactimage...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | — | — | — | — | Not affected |
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | — | — | — | — | Fixed |
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | — | — | — | — | Fixed |