CVE-2020-25866

HIGH

Wireshark 3.0.0-3.0.13 and 3.2.0-3.2.6 - Denial of Service via BLIP Protocol Dissector NULL Pointer Dereference

Title source: llm
STIX 2.1

Description

In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.

References (9)

Core 9
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://gitlab.com/wireshark/wireshark/-/issues/16866
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html
Patch, Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujan2021.html

Scores

CVSS v3 7.5
EPSS 0.0132
EPSS Percentile 80.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-476
Status published
Products (7)
fedoraproject/fedora 31
fedoraproject/fedora 32
fedoraproject/fedora 33
opensuse/leap 15.1
opensuse/leap 15.2
oracle/zfs_storage_appliance_kit 8.8
wireshark/wireshark 3.0.0 - 3.0.13
Published Oct 06, 2020
Tracked Since Feb 18, 2026