AVG-440

Package wireshark-cli
Status Fixed
Severity Medium
Type denial of service
Affected 2.4.1-1
Fixed 2.4.2-1
Current 2.6.6-1 [community]
Ticket None
Created Tue Oct 10 21:13:55 2017
Issue Severity Remote Type Description
CVE-2017-15193 Medium Yes Denial of service
A flaw has been discovered in wireshark before 2.4.2 in the MBIM dissector when pre sizing wmem arrays leading to resource consumption and application crash...
CVE-2017-15192 Medium Yes Denial of service
A flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector leading to application crash by injecting a malformed packet onto the wire or...
CVE-2017-15191 Medium Yes Denial of service
A length check flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector when 7bit strings were decoded leading to application crash by...
CVE-2017-15190 Medium Yes Denial of service
A stack pointer use after scope flaw has been discovered in wireshark before 2.4.2 in the RTSP dissector leading to application crash by injecting a...
CVE-2017-15189 Medium Yes Denial of service
An infinite loop flaw has been discovered in wireshark before 2.4.2 in the DOCSIS dissector leading to excessive consumption of CPU resources by injecting a...
Date Advisory Package Description
12 Oct 2017 ASA-201710-14 wireshark-cli denial of service
References
http://seclists.org/wireshark/2017/Oct/27