Source: wireshark
Version: 2.4.6-1
Severity: serious
Tags: security upstream
Justification: regression from stable

Hi,

The following vulnerabilities were published for wireshark.

Reasoning for the RC severity: some issues are fixed already in stable
via a DSA, but the fixes are missing in the next stable. Thus the RC
severity, although just from the aspect of the severity of the issue that
might not be warranted.

CVE-2018-11356[0]:
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS
| dissector could crash. This was addressed in
| epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for
| an empty name in an SRV record.

CVE-2018-11357[1]:
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP
| dissector and other dissectors could consume excessive memory. This was
| addressed in epan/tvbuff.c by rejecting negative lengths.

CVE-2018-11358[2]:
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931
| dissector could crash. This was addressed in
| epan/dissectors/packet-q931.c by avoiding a use-after-free after a
| malformed packet prevented certain cleanup.

CVE-2018-11359[3]:
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC
| dissector and other dissectors could crash. This was addressed in
| epan/proto.c by avoiding a NULL pointer dereference.

CVE-2018-11360[4]:
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP
| dissector could crash. This was addressed in
| epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that
| caused a buffer overflow.

CVE-2018-11361[5]:
| In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash.
| This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer
| overflow during FTE processing in Dot11DecryptTDLSDeriveKey.

CVE-2018-11362[6]:
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS
| dissector could crash. This was addressed in
| epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon
| encountering a missing '\0' character.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-11356
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11356
[1] https://security-tracker.debian.org/tracker/CVE-2018-11357
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11357
[2] https://security-tracker.debian.org/tracker/CVE-2018-11358
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11358
[3] https://security-tracker.debian.org/tracker/CVE-2018-11359
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11359
[4] https://security-tracker.debian.org/tracker/CVE-2018-11360
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11360
[5] https://security-tracker.debian.org/tracker/CVE-2018-11361
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11361
[6] https://security-tracker.debian.org/tracker/CVE-2018-11362
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11362

Regards,
Salvatore