[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 Gerald Combs changed: What|Removed |Added See Also||http://cve.mitre.org/cgi-bi ||n/cvename.cgi?name=CVE-2018 ||-19623 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 Peter Wu changed: What|Removed |Added Resolution|--- |FIXED Status|CONFIRMED |RESOLVED --- Comment #8 from Peter Wu --- Fixed heap-buffer-overflow (write) in: v2.9.0rc0-2305-g5797f60274 v2.6.5rc0-54-g1ec5a933e1 v2.4.11rc0-20-g9c8645ec7b This has a quite high severity as an attacker can write arbitrary data at arbitrary addresses before the packet-scoped memory. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 --- Comment #7 from Gerrit Code Review --- Change 30347 merged by Peter Wu: LBMPDM: fix heap-buffer-overflow (write) in dissect_segment_ofstable https://code.wireshark.org/review/30347 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 --- Comment #6 from Gerrit Code Review --- Change 30347 had a related patch set uploaded by Peter Wu: LBMPDM: fix heap-buffer-overflow (write) in dissect_segment_ofstable https://code.wireshark.org/review/30347 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 --- Comment #5 from Gerrit Code Review --- Change 30346 merged by Peter Wu: LBMPDM: fix heap-buffer-overflow (write) in dissect_segment_ofstable https://code.wireshark.org/review/30346 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 --- Comment #4 from Gerrit Code Review --- Change 30346 had a related patch set uploaded by Peter Wu: LBMPDM: fix heap-buffer-overflow (write) in dissect_segment_ofstable https://code.wireshark.org/review/30346 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 --- Comment #3 from Gerrit Code Review --- Change 30300 merged by Anders Broman: LBMPDM: fix heap-buffer-overflow (write) in dissect_segment_ofstable https://code.wireshark.org/review/30300 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 --- Comment #2 from Gerrit Code Review --- Change 30300 had a related patch set uploaded by Peter Wu: LBMPDM: fix heap-buffer-overflow (write) in dissect_segment_ofstable https://code.wireshark.org/review/30300 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15132] Invalid write in dissect_segment_ofstable()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132 Peter Wu changed: What|Removed |Added Ever confirmed|0 |1 CC||pe...@lekensteyn.nl Status|UNCONFIRMED |CONFIRMED --- Comment #1 from Peter Wu --- Confirmed, thank you. For reproduction without oss-fuzz, you can now also build locally with: cmake -GNinja -DENABLE_FUZZER=1 -DENABLE_ASAN=1 && ninja fuzzshark_ip HOME=/nonexistent run/fuzzshark_ip wireshark_iw_dissect_segment_ofstable (this is a relatively new feature and specifically fuzzshark_ip needs another fix to avoid an assertion failure: https://code.wireshark.org/review/30299) -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe