vulnerability
Oracle Linux: CVE-2018-7418: ELSA-2020-1047: wireshark security and bug fix update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Feb 11, 2018 | Oct 5, 2022 | Dec 3, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Feb 11, 2018
Added
Oct 5, 2022
Modified
Dec 3, 2025
Description
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.
A denial of service flaw was found in the SIGCOMP dissector in Wireshark. A remote network attacker could potentially use this flaw to crash Wireshark by tricking it into processing a crafted packet.
A denial of service flaw was found in the SIGCOMP dissector in Wireshark. A remote network attacker could potentially use this flaw to crash Wireshark by tricking it into processing a crafted packet.
Solutions
oracle-linux-upgrade-wiresharkoracle-linux-upgrade-wireshark-develoracle-linux-upgrade-wireshark-gnome
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.