wireshark: Multiple vulnerabilities (CVE-2018-7320, CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE..., CVE-2018-7419, CVE-2018-7420)
CVE-2018-7335: IEEE 802.11 dissector crash
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
Reference:
https://www.wireshark.org/security/wnpa-sec-2018-05.html
*CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324,
CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328
CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332,
CVE-2018-7333*: Large or infinite loops in multiple dissectors
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
Reference:
https://www.wireshark.org/security/wnpa-sec-2018-06.html
CVE-2018-7334: UMTS MAC dissector crash
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
Reference:
https://www.wireshark.org/security/wnpa-sec-2018-07.html
CVE-2018-7337: DOCSIS dissector crash
Affected versions: 2.4.0 to 2.4.4
Fixed versions: 2.4.5
Reference:
https://www.wireshark.org/security/wnpa-sec-2018-08.html
CVE-2018-7336: FCP dissector crash
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
Reference:
https://www.wireshark.org/security/wnpa-sec-2018-09.html
CVE-2018-7320: SIGCOMP dissector crash
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
Reference:
https://www.wireshark.org/security/wnpa-sec-2018-10.html
CVE-2018-7420: Pcapng file parser crash
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
References:
https://www.wireshark.org/security/wnpa-sec-2018-11.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14403
CVE-2018-7417: IPMI dissector crash
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
https://www.wireshark.org/security/wnpa-sec-2018-12.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14409
CVE-2018-7418: SIGCOMP dissector crash
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
References:
https://www.wireshark.org/security/wnpa-sec-2018-13.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14410
CVE-2018-7419: NBAP dissector crash
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
References:
https://www.wireshark.org/security/wnpa-sec-2018-14.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14443
(from redmine: issue id 8649, created on 2018-03-15)
- Relations:
- copied_to #8650 (closed)
- copied_to #8651 (closed)
- copied_to #8652 (closed)
- child #8650 (closed)
- child #8651 (closed)
- child #8652 (closed)