Arch Linux Security Advisory ASA-201710-14

Severity: Medium
Date : 2017-10-12
CVE-ID : CVE-2017-15189 CVE-2017-15190 CVE-2017-15191 CVE-2017-15192
CVE-2017-15193
Package : wireshark-cli
Type : denial of service
Remote : Yes
Link : https://security.archlinux.org/AVG-440

Summary

The package wireshark-cli before version 2.4.2-1 is vulnerable to
denial of service.

Resolution

Upgrade to 2.4.2-1.

pacman -Syu “wireshark-cli>=2.4.2-1”

The problems have been fixed upstream in version 2.4.2.

Workaround

None.

Description

• CVE-2017-15189 (denial of service)

An infinite loop flaw has been discovered in wireshark before 2.4.2 in
the DOCSIS dissector leading to excessive consumption of CPU resources
by injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file.

• CVE-2017-15190 (denial of service)

A stack pointer use after scope flaw has been discovered in wireshark
before 2.4.2 in the RTSP dissector leading to application crash by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.

• CVE-2017-15191 (denial of service)

A length check flaw has been discovered in wireshark before 2.4.2 in
the BT ATT dissector when 7bit strings were decoded leading to
application crash by injecting a malformed packet onto the wire or by
convincing someone to read a malformed packet trace file.

• CVE-2017-15192 (denial of service)

A flaw has been discovered in wireshark before 2.4.2 in the BT ATT
dissector leading to application crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace
file.

• CVE-2017-15193 (denial of service)

A flaw has been discovered in wireshark before 2.4.2 in the MBIM
dissector when pre sizing wmem arrays leading to resource consumption
and application crash by injecting a malformed packet onto the wire or
by convincing someone to read a malformed packet trace file.

Impact

A remote attacker might be able to crash wireshark by injecting a
malformed packet onto the wire or by convincing someone to read a
malformed packet trace file.

References

http://seclists.org/wireshark/2017/Oct/27
https://www.wireshark.org/security/wnpa-sec-2017-46.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080
https://code.wireshark.org/review/#/c/23663/
https://www.wireshark.org/security/wnpa-sec-2017-45.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14077
https://code.wireshark.org/review/#/c/23635/
https://www.wireshark.org/security/wnpa-sec-2017-44.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068
https://code.wireshark.org/review/#/c/23591/
https://www.wireshark.org/security/wnpa-sec-2017-42.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049
https://code.wireshark.org/review/#/c/23470/
https://www.wireshark.org/security/wnpa-sec-2017-43.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056
https://code.wireshark.org/review/#/c/23537/
https://security.archlinux.org/CVE-2017-15189
https://security.archlinux.org/CVE-2017-15190
https://security.archlinux.org/CVE-2017-15191
https://security.archlinux.org/CVE-2017-15192
https://security.archlinux.org/CVE-2017-15193