vulnerability
Oracle Linux: CVE-2018-7418: ELSA-2020-1047: wireshark security and bug fix update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Feb 11, 2018 | Oct 5, 2022 | Dec 3, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Feb 11, 2018
Added
Oct 5, 2022
Modified
Dec 3, 2025
Description
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.
A denial of service flaw was found in the SIGCOMP dissector in Wireshark. A remote network attacker could potentially use this flaw to crash Wireshark by tricking it into processing a crafted packet.
A denial of service flaw was found in the SIGCOMP dissector in Wireshark. A remote network attacker could potentially use this flaw to crash Wireshark by tricking it into processing a crafted packet.
Solutions
oracle-linux-upgrade-wiresharkoracle-linux-upgrade-wireshark-develoracle-linux-upgrade-wireshark-gnome
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.