ALT-PU-2017-1690-1
Closed vulnerabilities
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9343
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98797
- 98797
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1678
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1678
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=27556320b41904716b9c9f73ef8f4fe705d1e669
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=27556320b41904716b9c9f73ef8f4fe705d1e669
- https://www.wireshark.org/security/wnpa-sec-2017-30.html
- https://www.wireshark.org/security/wnpa-sec-2017-30.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9344
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98796
- 98796
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1539
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1539
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6308ae03d82a29a2e3d75e1c325c8a9f6c44dcdf
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6308ae03d82a29a2e3d75e1c325c8a9f6c44dcdf
- [debian-lts-announce] 20190325 [SECURITY] [DLA 1729-1] wireshark security update
- [debian-lts-announce] 20190325 [SECURITY] [DLA 1729-1] wireshark security update
- https://www.wireshark.org/security/wnpa-sec-2017-29.html
- https://www.wireshark.org/security/wnpa-sec-2017-29.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9345
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98798
- 98798
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1206
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1206
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e280c9b637327a65d132bfe72d917b87e6844eb5
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e280c9b637327a65d132bfe72d917b87e6844eb5
- https://www.wireshark.org/security/wnpa-sec-2017-26.html
- https://www.wireshark.org/security/wnpa-sec-2017-26.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9346
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98799
- 98799
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1200
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1200
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13631
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13631
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6c0bd15bd46a95c5b7dce02fe23c594429bb6c7e
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6c0bd15bd46a95c5b7dce02fe23c594429bb6c7e
- https://www.wireshark.org/security/wnpa-sec-2017-25.html
- https://www.wireshark.org/security/wnpa-sec-2017-25.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9347
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98800
- 98800
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1216
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1216
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13637
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13637
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=278e52f26e7e1a23f8d2e8ed98693328c992bdce
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=278e52f26e7e1a23f8d2e8ed98693328c992bdce
- 42124
- 42124
- https://www.wireshark.org/security/wnpa-sec-2017-31.html
- https://www.wireshark.org/security/wnpa-sec-2017-31.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9348
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98801
- 98801
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1151
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1151
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13608
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13608
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7fe55f96672b7bf2b4ceb9ae039a0f43eddd3151
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7fe55f96672b7bf2b4ceb9ae039a0f43eddd3151
- https://www.wireshark.org/security/wnpa-sec-2017-23.html
- https://www.wireshark.org/security/wnpa-sec-2017-23.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9349
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98803
- 98803
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1329
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1329
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=cb1b6494c44c9e939d9e2554de6b812de395e3f9
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=cb1b6494c44c9e939d9e2554de6b812de395e3f9
- [debian-lts-announce] 20190325 [SECURITY] [DLA 1729-1] wireshark security update
- [debian-lts-announce] 20190325 [SECURITY] [DLA 1729-1] wireshark security update
- https://www.wireshark.org/security/wnpa-sec-2017-27.html
- https://www.wireshark.org/security/wnpa-sec-2017-27.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9350
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98806
- 98806
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1212
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1212
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13649
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13649
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=dbc7cb0bbdd501fa96e0cb98668f6d6bf17ac4e6
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=dbc7cb0bbdd501fa96e0cb98668f6d6bf17ac4e6
- https://www.wireshark.org/security/wnpa-sec-2017-28.html
- https://www.wireshark.org/security/wnpa-sec-2017-28.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9351
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98808
- 98808
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1153
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1153
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1183
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1183
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a6e033c14da13bd5f72dfe07a347586517639d12
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a6e033c14da13bd5f72dfe07a347586517639d12
- https://www.wireshark.org/security/wnpa-sec-2017-24.html
- https://www.wireshark.org/security/wnpa-sec-2017-24.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9352
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98804
- 98804
- 1038612
- 1038612
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8c5e0cee278ff0678b0ebf4b9c2a614974b4029a
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8c5e0cee278ff0678b0ebf4b9c2a614974b4029a
- https://www.wireshark.org/security/wnpa-sec-2017-22.html
- https://www.wireshark.org/security/wnpa-sec-2017-22.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9353
In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98805
- 98805
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1303
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1303
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13675
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13675
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=40b2d475c2ad550c1a0f536d5eb30f2a7404c4f0
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=40b2d475c2ad550c1a0f536d5eb30f2a7404c4f0
- 42123
- 42123
- https://www.wireshark.org/security/wnpa-sec-2017-33.html
- https://www.wireshark.org/security/wnpa-sec-2017-33.html
Published: 2017-06-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-9354
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 98802
- 98802
- 1038612
- 1038612
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1243
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1243
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=3a77395e651acd81eb41ffd8fbdbf711e1133d76
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=3a77395e651acd81eb41ffd8fbdbf711e1133d76
- https://www.wireshark.org/security/wnpa-sec-2017-32.html
- https://www.wireshark.org/security/wnpa-sec-2017-32.html