CVE-2011-1138

Description

Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.

How to fix CVE-2011-1138

To remediate CVE-2011-1138, upgrade the affected package to a fixed version below.

• Debian/wireshark—upgrade to 1.4.4-1 or later

Is CVE-2011-1138 being exploited?

Low — EPSS is 3.8%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.4.4-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2011-1138