AVG-708 log

Package wireshark-cli, wireshark-common, wireshark-gtk, wireshark-qt
Status Fixed
Severity Critical
Type multiple issues
Affected 2.6.0-1
Fixed 2.6.1-1
Current 4.4.2-1 [extra]
Ticket None
Created Tue May 22 21:08:20 2018
Issue Severity Remote Type Description
CVE-2018-11362 Medium Yes Information disclosure
An out-of-bounds read has been found in the LDSS dissector of Wireshark <= 2.6.0.
CVE-2018-11361 Low Yes Denial of service
A heap-based out-of-bounds read has been found in the IEEE 802.11 dissector of Wireshark <= 2.6.0.
CVE-2018-11360 Critical Yes Arbitrary code execution
A heap-based off-by-one write has been found in the GSM A DTAP dissector of Wireshark <= 2.6.0.
CVE-2018-11359 Low Yes Denial of service
A null-pointer dereference has been found in several dissectors of Wireshark <= 2.6.0.
CVE-2018-11358 Critical Yes Arbitrary code execution
A heap-based use-after-free has been found in the Q.931 dissector of Wireshark <= 2.6.0.
CVE-2018-11357 Low Yes Denial of service
An integer overflow leading to excessive memory allocation has been found in several dissectors of Wireshark <= 2.6.0.
CVE-2018-11356 Low Yes Denial of service
A null-pointer dereference has been found in the DNS dissector of Wireshark <= 2.6.0.
CVE-2018-11355 Critical Yes Arbitrary code execution
A heap-based buffer overflow has been found in the RTCP dissector of Wireshark <= 2.6.0.
CVE-2018-11354 Medium Yes Information disclosure
An out-of-bounds read has been found in the IEEE 1905.1a dissector of Wireshark <= 2.6.0.
Date Advisory Package Type
25 May 2018 ASA-201805-25 wireshark-cli multiple issues
25 May 2018 ASA-201805-24 wireshark-common multiple issues
25 May 2018 ASA-201805-23 wireshark-qt multiple issues
25 May 2018 ASA-201805-22 wireshark-gtk multiple issues