CVE-2018-7335 : What You Need to Know

Wireshark versions 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12 had a vulnerability in the IEEE 802.11 dissector that could lead to a crash. The issue was resolved by modifying the epan/crypt/airpdcap.c file to reject excessively small lengths.

Understanding CVE-2018-7335

This CVE entry pertains to a specific vulnerability found in Wireshark versions 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, affecting the IEEE 802.11 dissector.

What is CVE-2018-7335?

CVE-2018-7335 is a vulnerability in Wireshark versions 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12 that could cause the IEEE 802.11 dissector to crash.

The Impact of CVE-2018-7335

The vulnerability could lead to a crash in Wireshark's IEEE 802.11 dissector, potentially disrupting network analysis and packet inspection processes.

Technical Details of CVE-2018-7335

Wireshark's vulnerability in versions 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12 is detailed below:

Vulnerability Description

The issue stemmed from the IEEE 802.11 dissector, which could crash due to certain input lengths. The problem was addressed by rejecting excessively small lengths in the epan/crypt/airpdcap.c file.

Affected Systems and Versions

Wireshark versions 2.4.0 to 2.4.4
Wireshark versions 2.2.0 to 2.2.12

Exploitation Mechanism

The vulnerability could be exploited by sending specially crafted packets to the affected Wireshark versions, triggering the crash in the IEEE 802.11 dissector.

Mitigation and Prevention

To address CVE-2018-7335, consider the following steps:

Immediate Steps to Take

Update Wireshark to a patched version that addresses the vulnerability.
Avoid opening suspicious or untrusted capture files with Wireshark.

Long-Term Security Practices

Regularly update Wireshark and other network analysis tools to the latest versions.
Implement network segmentation to limit the impact of potential vulnerabilities.

Patching and Updates

Apply official patches provided by Wireshark to fix the vulnerability.