{"id":"CVE-2020-25866","details":"In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.","modified":"2026-04-11T16:25:19.781952Z","published":"2020-10-06T15:15:15.413Z","related":["MGASA-2020-0384","SUSE-SU-2020:3166-1","openSUSE-SU-2020:1878-1","openSUSE-SU-2020:1882-1","openSUSE-SU-2024:11513-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html"},{"type":"ADVISORY","url":"https://www.wireshark.org/security/wnpa-sec-2020-13.html"},{"type":"REPORT","url":"https://gitlab.com/wireshark/wireshark/-/issues/16866"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"type":"FIX","url":"https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wireshark/wireshark","events":[{"introduced":"937e33de60bcfcd6f68e7250e5e6914ae1d1e1e4"},{"last_affected":"643e3b0f718685b3fa7008a0c5c4707daf63ca99"},{"introduced":"e0ed4cfa3d72110257da54c26ad3a28d282ef454"},{"last_affected":"4f9257fb8ccce92b519d87c4cc905107ae09b5e9"},{"introduced":"0"},{"last_affected":"fb2c25aa9c1b4a6f7e5a8c92a5c66503702553ac"}],"database_specific":{"versions":[{"introduced":"3.0.0"},{"last_affected":"3.0.13"},{"introduced":"3.2.0"},{"last_affected":"3.2.6"},{"introduced":"0"},{"last_affected":"32"}]}},{"type":"GIT","repo":"https://gitlab.com/wireshark/wireshark","events":[{"introduced":"0"},{"fixed":"4a948427100b6c109f4ec7b4361f0d2aec5e5c3f"}]}],"versions":["backups/ethereal@18706","backups/win32-native@18706","ethereal-0-3-15","ethereal-0.3.15","start","v1.11.0","v1.11.0-rc1","v1.11.1","v1.11.1-rc1","v1.11.2","v1.11.2-rc1","v1.11.3","v1.11.3-rc1","v1.11.4-rc1","v1.99.0","v1.99.0-rc1","v1.99.1","v1.99.10rc0","v1.99.1rc0","v1.99.2","v1.99.2rc0","v1.99.3","v1.99.3rc0","v1.99.4","v1.99.4rc0","v1.99.5","v1.99.5rc0","v1.99.6","v1.99.6rc0","v1.99.7","v1.99.7rc0","v1.99.8","v1.99.8rc0","v1.99.9","v1.99.9rc0","v2.1.0","v2.1.0rc0","v2.1.1","v2.1.1rc0","v2.1.2rc0","v2.3.0rc0","v2.5.0","v2.5.0rc0","v2.5.1","v2.5.1rc0","v2.5.2rc0","v2.9.0","v2.9.0rc0","v2.9.1rc0","v3.0.0","v3.0.1","v3.0.10","v3.0.10rc0","v3.0.11","v3.0.11rc0","v3.0.12","v3.0.12rc0","v3.0.13","v3.0.13rc0","v3.0.1rc0","v3.0.2","v3.0.2rc0","v3.0.3","v3.0.3rc0","v3.0.4","v3.0.4rc0","v3.0.5","v3.0.5rc0","v3.0.6","v3.0.6rc0","v3.0.7","v3.0.7rc0","v3.0.8","v3.0.8rc0","v3.0.9","v3.0.9rc0","v3.1.0","v3.1.0rc0","v3.1.1","v3.1.1rc0","v3.1.2rc0","v3.2.0","v3.2.1","v3.2.1rc0","v3.2.2","v3.2.2rc0","v3.2.3","v3.2.3rc0","v3.2.4","v3.2.4rc0","v3.2.5","v3.2.5rc0","v3.2.6","v3.2.6rc0","v3.3.0","v3.3.0rc0","v3.3.1rc0","wireshark-1.11.3","wireshark-1.99.0","wireshark-1.99.1","wireshark-1.99.2","wireshark-1.99.3","wireshark-1.99.4","wireshark-1.99.5","wireshark-1.99.6","wireshark-1.99.7","wireshark-1.99.8","wireshark-1.99.9","wireshark-2.1.0","wireshark-2.1.1","wireshark-2.5.0","wireshark-3.0.0","wireshark-3.0.1","wireshark-3.0.10","wireshark-3.0.11","wireshark-3.0.12","wireshark-3.0.13","wireshark-3.0.2","wireshark-3.0.3","wireshark-3.0.4","wireshark-3.0.5","wireshark-3.0.6","wireshark-3.0.7","wireshark-3.0.8","wireshark-3.0.9","wireshark-3.2.0","wireshark-3.2.1","wireshark-3.2.2","wireshark-3.2.3","wireshark-3.2.4","wireshark-3.2.5","wireshark-3.2.6"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25866.json","vanir_signatures":[{"id":"CVE-2020-25866-6d7caca0","source":"https://gitlab.com/wireshark/wireshark@4a948427100b6c109f4ec7b4361f0d2aec5e5c3f","digest":{"length":2688,"function_hash":"50767432719429089269085565985219058360"},"signature_version":"v1","signature_type":"Function","deprecated":false,"target":{"file":"epan/dissectors/packet-blip.c","function":"dissect_blip"}},{"id":"CVE-2020-25866-d45c5b3a","source":"https://gitlab.com/wireshark/wireshark@4a948427100b6c109f4ec7b4361f0d2aec5e5c3f","digest":{"length":1196,"function_hash":"268296834440097921298733415759126661212"},"signature_version":"v1","signature_type":"Function","deprecated":false,"target":{"file":"epan/dissectors/packet-blip.c","function":"proto_register_blip"}},{"id":"CVE-2020-25866-e0730287","source":"https://gitlab.com/wireshark/wireshark@4a948427100b6c109f4ec7b4361f0d2aec5e5c3f","digest":{"length":1562,"function_hash":"42428474322532422323406658849635530022"},"signature_version":"v1","signature_type":"Function","deprecated":false,"target":{"file":"epan/dissectors/packet-blip.c","function":"decompress"}},{"id":"CVE-2020-25866-f8f7af86","source":"https://gitlab.com/wireshark/wireshark@4a948427100b6c109f4ec7b4361f0d2aec5e5c3f","digest":{"threshold":0.9,"line_hashes":["231457119782423097333262304500154648398","89707701405970446106737834544274489479","274676446702317858184502607527688661770","337578530301425042605140723422781108003","94270442880728988200009589483509167415","178805019552179363728417786297999176910","141179626053474188331333582282551237191","173662981700678896840995837528331157958","138865619586795132684424639683189601976","11409611191344910515700795087640139094","69403195685994832883061886230825378885","156169860743477273915472800076120104623","219849491493513207790323818439742142417","217619904693307142962313629875135737357","220507903264787080702728961496908670126","288734326509726903113638476353719696280","338645410577665506361249544897178690953","246243351203548783920782033625470625781","312827323945583003851165254904168456073","79124695978977975742086628468048930995","129966154597360376161359042400484365535","337814961127370497648602450795257808090","264593872128017672958892377630930713499","225384111189463512053282973047586970171","298328022781465683426207643580473013128","222498695639466119968985341776331145842","5258528728846765490103478394797607639","157864466071517715094408824354109862092","198706397180825595129833564267555127296","187945434406417299043972500396001750019","245917967541114044285854780689720692369","129139874255337244397020427169016443104","303837371817841022052009243233175484174","231253519525035169736506241100866568645","112280967652357638204251721830276350076","97705935832910385079550075393087972167","54242014055567220435595311401597839849","61652051922311053830617595675091861012","280783539453326904475295633664487916954","339029896080718069150213807283488039738","275162149469989840664912027080591862430","247604329250242980944896267779919178825","16922500419353384526777500377016845748","273449636033521873992977931240903533351","146184341328269494100402385897399319311","235465535319092533954239357630078909252","164007606531855467976705553104737919030","229443684837100040059706810170914048851","249026293906492013133583737765376652956","175784415987065442405939710850742459347","339213355812176497329530268947986373699","110434030997506308039328143936538235679","335885824609442790771265416856535758410","133203111439316661891632654739431583440","74953611039542921136912933797430118141","66163840181607102810944825991811349474","58335138591692172721868565455874389353","312249855791953285742445620400052571293","335207649842226901599958081547601902324","176577026867923329879246743708407510234","317666205066760220936030707917884679241","70668999515487871116543842711024289387","118565453488412994374376180823953580187","299298808156616498882355689917957613079","123305081807432685163292179136898042950","245567782253499801858648075034994699004","172690816749583166372552546122236805258","71771581555261610473040994606186039608","264859136071381484652905082343372744337","224270308238106393922943091147874349011","310625589340992854528458711367792294202","85285683301875423606130055052046892594","251575269308664433899076241932240896432","209654633313750596411844604946507588238","293742803157249601550859528809642875875","7186441650223184905616272768598167097","320823090335538244163181310700144883913","175129984810074778014160343598628675264","158877268051467993223529823655647335829","133869816249295877612192588152323300205"]},"signature_version":"v1","signature_type":"Line","deprecated":false,"target":{"file":"epan/dissectors/packet-blip.c"}}],"vanir_signatures_modified":"2026-04-11T16:25:19Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.8"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}