CVE-2018-14340

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
Configurations

Configuration 1

cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2018-07-19 02:29

Updated : 2020-03-20 01:15


NVD link : CVE-2018-14340

Mitre link : CVE-2018-14340

Products Affected
No products.
CWE
CWE-125

Out-of-bounds Read