Arch Linux Security Advisory ASA-201710-14 ========================================== Severity: Medium Date : 2017-10-12 CVE-ID : CVE-2017-15189 CVE-2017-15190 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 Package : wireshark-cli Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-440 Summary ======= The package wireshark-cli before version 2.4.2-1 is vulnerable to denial of service. Resolution ========== Upgrade to 2.4.2-1. # pacman -Syu "wireshark-cli>=2.4.2-1" The problems have been fixed upstream in version 2.4.2. Workaround ========== None. Description =========== - CVE-2017-15189 (denial of service) An infinite loop flaw has been discovered in wireshark before 2.4.2 in the DOCSIS dissector leading to excessive consumption of CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. - CVE-2017-15190 (denial of service) A stack pointer use after scope flaw has been discovered in wireshark before 2.4.2 in the RTSP dissector leading to application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. - CVE-2017-15191 (denial of service) A length check flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector when 7bit strings were decoded leading to application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. - CVE-2017-15192 (denial of service) A flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector leading to application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. - CVE-2017-15193 (denial of service) A flaw has been discovered in wireshark before 2.4.2 in the MBIM dissector when pre sizing wmem arrays leading to resource consumption and application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Impact ====== A remote attacker might be able to crash wireshark by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. References ========== http://seclists.org/wireshark/2017/Oct/27 https://www.wireshark.org/security/wnpa-sec-2017-46.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080 https://code.wireshark.org/review/#/c/23663/ https://www.wireshark.org/security/wnpa-sec-2017-45.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14077 https://code.wireshark.org/review/#/c/23635/ https://www.wireshark.org/security/wnpa-sec-2017-44.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068 https://code.wireshark.org/review/#/c/23591/ https://www.wireshark.org/security/wnpa-sec-2017-42.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049 https://code.wireshark.org/review/#/c/23470/ https://www.wireshark.org/security/wnpa-sec-2017-43.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056 https://code.wireshark.org/review/#/c/23537/ https://security.archlinux.org/CVE-2017-15189 https://security.archlinux.org/CVE-2017-15190 https://security.archlinux.org/CVE-2017-15191 https://security.archlinux.org/CVE-2017-15192 https://security.archlinux.org/CVE-2017-15193