vulnerability

SUSE: CVE-2017-17935: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Dec 27, 2017	Jan 24, 2018	Aug 12, 2021

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Dec 27, 2017

Added

Jan 24, 2018

Modified

Aug 12, 2021

Description

The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line.

Solution(s)

suse-upgrade-libwireshark8suse-upgrade-libwireshark9suse-upgrade-libwiretap6suse-upgrade-libwiretap7suse-upgrade-libwscodecs1suse-upgrade-libwsutil7suse-upgrade-libwsutil8suse-upgrade-wiresharksuse-upgrade-wireshark-develsuse-upgrade-wireshark-gtk

References

SUSE-SUSE-SU-2018:0179-1
SUSE-SUSE-SU-2018:0191-1
NVD-CVE-2017-17935

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today