CVE Details
ID CVE-2019-10898
Summary In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.
References
Vulnerable Configurations
  • cpe:2.3:a:wireshark:wireshark:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 24-08-2020 - 17:37)
Impact: 2.9
Exploitability:10.0
CWE CWE-835
CAPEC Click the CAPEC title to display a description
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
CVSS v3.1
Base: 7.5 (as of 24-08-2020 - 17:37)
Impact: 3.6
Exploitability:3.9
Exploitability v3.1
Attack ComplexityAttack vectorPrivileges RequiredScopeUser Interaction
LOW NETWORK NONE UNCHANGED NONE
Impact v3.1
ConfidentialityIntegrityAvailability
NONE NONE HIGH
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3-vector via4 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
refmap via4
bid 107836
fedora
  • FEDORA-2019-77b2d840ef
  • FEDORA-2019-aef1dac6a0
misc
suse openSUSE-SU-2020:0362
Last major update 24-08-2020 - 17:37
Published 09-04-2019 - 04:29
Last modified 24-08-2020 - 17:37