[arch-security] [ASA-201710-14] wireshark-cli: denial of service
Remi Gacogne
rgacogne at archlinux.org
Thu Oct 12 18:12:07 UTC 2017
Arch Linux Security Advisory ASA-201710-14
==========================================
Severity: Medium
Date : 2017-10-12
CVE-ID : CVE-2017-15189 CVE-2017-15190 CVE-2017-15191 CVE-2017-15192
CVE-2017-15193
Package : wireshark-cli
Type : denial of service
Remote : Yes
Link : https://security.archlinux.org/AVG-440
Summary
=======
The package wireshark-cli before version 2.4.2-1 is vulnerable to
denial of service.
Resolution
==========
Upgrade to 2.4.2-1.
# pacman -Syu "wireshark-cli>=2.4.2-1"
The problems have been fixed upstream in version 2.4.2.
Workaround
==========
None.
Description
===========
- CVE-2017-15189 (denial of service)
An infinite loop flaw has been discovered in wireshark before 2.4.2 in
the DOCSIS dissector leading to excessive consumption of CPU resources
by injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file.
- CVE-2017-15190 (denial of service)
A stack pointer use after scope flaw has been discovered in wireshark
before 2.4.2 in the RTSP dissector leading to application crash by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.
- CVE-2017-15191 (denial of service)
A length check flaw has been discovered in wireshark before 2.4.2 in
the BT ATT dissector when 7bit strings were decoded leading to
application crash by injecting a malformed packet onto the wire or by
convincing someone to read a malformed packet trace file.
- CVE-2017-15192 (denial of service)
A flaw has been discovered in wireshark before 2.4.2 in the BT ATT
dissector leading to application crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace
file.
- CVE-2017-15193 (denial of service)
A flaw has been discovered in wireshark before 2.4.2 in the MBIM
dissector when pre sizing wmem arrays leading to resource consumption
and application crash by injecting a malformed packet onto the wire or
by convincing someone to read a malformed packet trace file.
Impact
======
A remote attacker might be able to crash wireshark by injecting a
malformed packet onto the wire or by convincing someone to read a
malformed packet trace file.
References
==========
http://seclists.org/wireshark/2017/Oct/27
https://www.wireshark.org/security/wnpa-sec-2017-46.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080
https://code.wireshark.org/review/#/c/23663/
https://www.wireshark.org/security/wnpa-sec-2017-45.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14077
https://code.wireshark.org/review/#/c/23635/
https://www.wireshark.org/security/wnpa-sec-2017-44.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068
https://code.wireshark.org/review/#/c/23591/
https://www.wireshark.org/security/wnpa-sec-2017-42.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049
https://code.wireshark.org/review/#/c/23470/
https://www.wireshark.org/security/wnpa-sec-2017-43.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056
https://code.wireshark.org/review/#/c/23537/
https://security.archlinux.org/CVE-2017-15189
https://security.archlinux.org/CVE-2017-15190
https://security.archlinux.org/CVE-2017-15191
https://security.archlinux.org/CVE-2017-15192
https://security.archlinux.org/CVE-2017-15193
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20171012/b109a551/attachment.asc>
More information about the arch-security
mailing list