Univention Bugzilla – Bug 47284
wireshark: Multiple issues (4.3)
Last modified: 2018-07-04 14:53:57 CEST
New Debian wireshark 2.2.6+g32dac6a-2+deb9u3 fixes:

This update addresses the following issue(s):

CVE_2017-9343 is open
CVE_2017-9344 is open
CVE_2017-9345 is open
CVE_2017-9346 is open
CVE_2017-9347 is open
CVE_2017-9348 is open
CVE_2017-9349 is open
CVE_2017-9350 is open
CVE_2017-9351 is open
CVE_2017-9352 is open
CVE_2017-9353 is open
CVE_2017-9354 is open
CVE_2017-9616 is open
CVE_2017-9617 is open
CVE_2017-9766 is open
CVE_2017-11406 is open
CVE_2017-11407 is open
CVE_2017-11410 is open
CVE_2017-13764 is open
CVE_2017-13765 is open
CVE_2017-13767 is open
CVE_2017-15189 is open
CVE_2017-15191 is open
CVE_2017-15192 is open
CVE_2017-15193 is open
CVE_2017-17935 is open
CVE_2017-17997 is open
* In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets. (CVE-2018-7320)
CVE_2018-7321 is open
CVE_2018-7322 is open
CVE_2018-7323 is open
CVE_2018-7324 is open
CVE_2018-7325 is open
CVE_2018-7326 is open
CVE_2018-7329 is open
CVE_2018-7331 is open
CVE_2018-7332 is open
CVE_2018-7333 is open
* In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value. (CVE-2018-7334)
* In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small. (CVE-2018-7335)
CVE_2018-7336 is open
CVE_2018-7337 is open
CVE_2018-7417 is open
CVE_2018-7418 is open
* In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization. (CVE-2018-7419)
CVE_2018-7420 is open
CVE_2018-7421 is open
CVE_2018-9256 is open
CVE_2018-9257 is open
CVE_2018-9258 is open
CVE_2018-9259 is open
CVE_2018-9260 is open
* In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs. (CVE-2018-9261)
CVE_2018-9262 is open
CVE_2018-9263 is open
* In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency. (CVE-2018-9264)
CVE_2018-9265 is open
CVE_2018-9266 is open
CVE_2018-9267 is open
CVE_2018-9268 is open
CVE_2018-9269 is open
CVE_2018-9270 is open
CVE_2018-9271 is open
CVE_2018-9272 is open
* In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak. (CVE-2018-9273)
CVE_2018-11356 is open
CVE_2018-11357 is open
* In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup. (CVE-2018-11358)
CVE_2018-11359 is open
* In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow. (CVE-2018-11360)
CVE_2018-11361 is open
* In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. (CVE-2018-11362)

2.2.6+g32dac6a-2+deb9u3 (Wed, 30 May 2018 00:08:09 +0200)
* CVE-2017-9273 / CVE-2018-11358 / CVE-2018-11360 / CVE-2018-11362
  CVE-2018-7320 / CVE-2018-7334 / CVE-2018-7335 / CVE-2018-7419
  CVE-2018-9261 / CVE-2018-9264

* CVE-2018-7320 wireshark: Heap-based Buffer Overflow in SIGCOMP dissector crash in packet-sigcomp.c (CVE-2018-7320)
* CVE-2018-7334 wireshark: out of bounds access in UMTS MAC dissector in packet-umts_mac.c (CVE-2018-7334)
* CVE-2018-7335 wireshark: IEEE 802.11 dissector crash in airpdcap.c (CVE-2018-7335)
* CVE-2018-7419 wireshark: NBAP dissector crash in nbap.cnf (CVE-2018-7419)
* CVE-2018-9261 wireshark: NBAP dissector crash in epan/dissectors/packet-nbap.c (CVE-2018-9261)
* CVE-2018-9264 wireshark: memory leak in ui/failure_message.c (CVE-2018-9264)
* CVE-2018-9273 wireshark: memory leak in epan/dissectors/packet-pcp.c (CVE-2018-9273)
* CVE-2018-11358 wireshark: Use after free in packet-q931.c (CVE-2018-11358)
* CVE-2018-11360 wireshark: Heap-based Buffer Overflow in packet-gsm_a_dtap.c (CVE-2018-11360)
* CVE-2018-11362 wireshark: Out-of-bounds read in packet-ldss.c (CVE-2018-11362)

[4.3-1] e28f423b11 Bug #47284: wireshark 2.2.6+g32dac6a-2+deb9u3
 doc/errata/staging/wireshark.yaml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

<http://10.200.17.11/4.3-1/#8831989076918597809>

Verified:
* Output of automatic checks
* Package update
* Advisory

12b0210805 | Publish also for UCS 4.3-0

<http://errata.software-univention.de/ucs/4.3/138.html>