MBIM Dissector Memory Exhaustion Vulnerability

MBIM Dissector Memory Exhaustion Vulnerability

CVE-2017-15193 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.

Learn more about our Web Application Penetration Testing UK.