ByteOS Network

NVD Vulnerability Details :

CVE-2017-6014

Deferred

Source-cve@mitre.org

Published At-17 Feb, 2017 | 07:59

Updated At-20 Apr, 2025 | 01:37

In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C

CPE Matches

Wireshark Foundation

>>wireshark>>Versions up to 2.2.4(inclusive)

cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*

Debian GNU/Linux

>>debian_linux>>8.0

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-835	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.debian.org/security/2017/dsa-3811	cve@mitre.org	Third Party Advisory
http://www.securityfocus.com/bid/96284	cve@mitre.org	Third Party Advisory VDB Entry
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416	cve@mitre.org	Issue Tracking Vendor Advisory
https://security.gentoo.org/glsa/201706-12	cve@mitre.org	Third Party Advisory
http://www.debian.org/security/2017/dsa-3811	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.securityfocus.com/bid/96284	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Vendor Advisory
https://security.gentoo.org/glsa/201706-12	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History