1
Candidate: CVE-2017-5596
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5596
5
https://www.wireshark.org/security/wnpa-sec-2017-01.html
6
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344
7
https://code.wireshark.org/review/#/c/19746/
8
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=781f03580c81339513bb1238b202b72469a1240b
10
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could
11
go into an infinite loop, triggered by packet injection or a malformed
12
capture file. This was addressed in epan/dissectors/packet-asterix.c by
13
changing a data type to avoid an integer overflow.
22
upstream_wireshark: released (2.2.4+gcc3dc1b-1)
23
precise_wireshark: ignored (reached end-of-life)
24
precise/esm_wireshark: DNE (precise was needs-triage)
25
trusty_wireshark: released (1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1)
26
vivid/stable-phone-overlay_wireshark: DNE
27
vivid/ubuntu-core_wireshark: DNE
28
xenial_wireshark: released (2.2.6+g32dac6a-2ubuntu0.16.04)
29
yakkety_wireshark: ignored (reached end-of-life)
30
zesty_wireshark: not-affected (2.2.4+gcc3dc1b-1)
31
artful_wireshark: not-affected (2.2.4+gcc3dc1b-1)
32
bionic_wireshark: not-affected (2.2.4+gcc3dc1b-1)
33
devel_wireshark: not-affected (2.2.4+gcc3dc1b-1)