Wireshark ‘dissectors/asn1/ros/packet-ros-template.c’ Denial of Service Vulnerability
by CIRT Team
Description: In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.
Impact: Attackers can exploit this issue to crash the affected application, resulting in denial-of-service conditions.
Mitigation: Upgrade to Wireshark 2.2.7 or later.
26 Oct 2023 - Security Advisories & Alerts