Skip to content

Wireshark heap-based buffer overflow in vwr_read_s2_s3_W_rec

This issue was migrated from bug 11795 in our old bug tracker.

Original bug information:

Reporter: Mateusz Jurczyk
Status: RESOLVED FIXED
Product: Wireshark
Component: Capture file support (libwiretap)
OS: All
Platform: All
Version: Git

Attachments:

reproducers.zip: Reproducers.
asan_heap-oob_4c1046_918_0b955ac22edadade61f954892787058e.pcap: unzip file 1
asan_heap-oob_4c1046_4971_813a6227da6c064abc05034af4185727.pcap: unzip file 2
asan_heap-oob_4c1046_5664_3d4a7b57dbd0316586c188e5fa6840e0.pcap: unzip file 3

See also: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4415

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information