CVE-2018-16057

Description

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.

Risk Information

Base Score

7.5

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

1.278

Associated Vulnerability

Vulnerability	OS Platform
Wireshark (2.6.3)	Windows
Wireshark (X64) (2.6.3)	Windows
Upgrade Foxit Reader Enterprise 9.3.0.10826 to latest version	Windows
Upgrade foxit_reader 9.3.0.10826 to latest version	Windows
Vulnerabilities CVE-2018-16057,CVE-2018-16056,CVE-2018-16058 are fixed in Wireshark x64 2.2.17	Windows
Vulnerabilities CVE-2018-16057,CVE-2018-16056,CVE-2018-16058 are fixed in Wireshark x64 2.4.9	Windows
Vulnerabilities CVE-2018-16057,CVE-2018-16056,CVE-2018-16058 are fixed in Wireshark x64 2.6.3	Windows
Vulnerabilities CVE-2018-16056,CVE-2018-16057,CVE-2018-16058 are affected in WireShark For Mac 2.2.16	Mac
Vulnerabilities CVE-2018-16056,CVE-2018-16057,CVE-2018-16058 are affected in WireShark For Mac 2.4.8	Mac
Vulnerabilities CVE-2018-16056,CVE-2018-16057,CVE-2018-16058 are affected in WireShark For Mac 2.6.2	Mac
SUSE-SU-2018:2872-1(SUSE Linux Enterprise Server 11-SP4 ) libwireshark8-2.2.17-40.31.1.x86_64.rpm	Linux
SUSE-SU-2018:2872-1(SUSE Linux Enterprise Server 11-SP4 ) libwiretap6-2.2.17-40.31.1.x86_64.rpm	Linux
SUSE-SU-2018:2872-1(SUSE Linux Enterprise Server 11-SP4 ) libwscodecs1-2.2.17-40.31.1.x86_64.rpm	Linux
SUSE-SU-2018:2872-1(SUSE Linux Enterprise Server 11-SP4 ) libwsutil7-2.2.17-40.31.1.x86_64.rpm	Linux
SUSE-SU-2018:2872-1(SUSE Linux Enterprise Server 11-SP4 ) wireshark-2.2.17-40.31.1.x86_64.rpm	Linux
SUSE-SU-2018:2872-1(SUSE Linux Enterprise Server 11-SP4 ) wireshark-gtk-2.2.17-40.31.1.x86_64.rpm	Linux
(RHSA-2020:1047) wireshark security and bug fix update wireshark-1.10.14-24.el7.i686.rpm	Linux
(RHSA-2020:1047) wireshark security and bug fix update wireshark-1.10.14-24.el7.x86_64.rpm	Linux
(RHSA-2020:1047) wireshark security and bug fix update wireshark-devel-1.10.14-24.el7.i686.rpm	Linux
(RHSA-2020:1047) wireshark security and bug fix update wireshark-devel-1.10.14-24.el7.x86_64.rpm	Linux
(RHSA-2020:1047) wireshark security and bug fix update wireshark-gnome-1.10.14-24.el7.x86_64.rpm	Linux
(RHSA-2020:1047)Moderate: security and bug fix update wireshark-debuginfo-1.10.14-24.el7.i686.rpm	Linux
(RHSA-2020:1047)Moderate: security and bug fix update wireshark-debuginfo-1.10.14-24.el7.x86_64.rpm	Linux
wireshark Security Update (ALAS-2020-1438) wireshark-gnome-1.10.14-24.amzn2.x86_64.rpm	Linux
CVE-2018-16057	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-307985	Wireshark (2.6.3)
PATCH-307986	Wireshark (X64) (2.6.3)
PATCH-341798	Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise)
PATCH-341796	Foxit Reader (2024.3.0.26795)
PATCH-338541	Wireshark (3.6.24)
PATCH-338541	Wireshark (3.6.24)
PATCH-307985	Wireshark (2.6.3)
PATCH-611905	WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905	WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905	WireShark for Mac (Apple Silicon) (4.4.9)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234