Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-6421

Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service (application crash) via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors.

Related bugs and status

CVE-2014-6421 (Candidate) is related to these bugs:

Bug #1567407: [SRU] Update to bugfix release 1.10.14 in Trusty

Summary				In	Importance	Status
	1567407	[SRU] Update to bugfix release 1.10.14 in Trusty		wireshark (Ubuntu)	Undecided	Expired

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.wireshark.o...
CONFIRM: https://bugs.wireshark...
CONFIRM: https://code.wireshark...
SUSE: SUSE-SU-2014:1221
SUSE: openSUSE-SU-2014:1249
SECUNIA: 60280
CONFIRM: http://linux.oracle.co...
CONFIRM: http://linux.oracle.co...
SECUNIA: 61929
SECUNIA: 61933
REDHAT: RHSA-2014:1676
REDHAT: RHSA-2014:1677