In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.
The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Wireshark | Wireshark | 2.6.0 (including) | 2.6.3 (including) |
Wireshark | Ubuntu | bionic | * |
Wireshark | Ubuntu | trusty | * |
Wireshark | Ubuntu | upstream | * |
Wireshark | Ubuntu | xenial | * |