Description
An infinite loop and memory exhaustion vulnerability was found in Wireshark versions 2.2.4 and earlier. By exploiting this vulnerability malicious users can possibly cause a denial of service. This vulnerability can be exploited remotely via a specially designed or malformed STANAG 4607 capture.
Technical details
The issue is related to a packet with null field of the packet size in the packet header. In this case, the offset to read from will not advance. Contininuous attempts to read the same zero-length packet will soon exhaust all system memory.
Original advisories
Related products
CVE list
- CVE-2017-6014 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!