The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip ‘\n’ characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 8.0 | |
wireshark | le | 2.2.11 |