Debian Wireshark vulnerabilities

CVE-2018-9271 [HIGH] CVE-2018-9271: wireshark - In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipar... In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie: resolved (fixed in 2.4.6-1)

CVE-2018-7321 [HIGH] CVE-2018-7321: wireshark - In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c... In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type. Scope: local bookworm: resolved (fixed in 2.4.5-1) bullseye: resolved (fixed in 2.4.5-1) forky: resolved (fixed in 2.4.5-1) sid: resolved (fixed in 2.4.5-1) trixie: resolved (fix

CVE-2018-7332 [HIGH] CVE-2018-7332: wireshark - In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c... In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length. Scope: local bookworm: resolved (fixed in 2.4.5-1) bullseye: resolved (fixed in 2.4.5-1) forky: resolved (fixed in 2.4.5-1) sid: resolved (fixed in 2.4.5-1) trixie: resolved (fixed in 2.4.5-1)

CVE-2018-7326 [HIGH] CVE-2018-7326: wireshark - In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c h... In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type. Scope: local bookworm: resolved (fixed in 2.4.5-1) bullseye: resolved (fixed in 2.4.5-1) forky: resolved (fixed in 2.4.5-1) sid: resolved (fixed in 2.4.5-1) trixie: resolved (fixed in 2.4.5-1)

CVE-2018-11354 [HIGH] CVE-2018-11354: wireshark - In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed i... In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2018-9270 [HIGH] CVE-2018-9270: wireshark - In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak. In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie: resolved (fixed in 2.4.6-1)

CVE-2018-9268 [HIGH] CVE-2018-9268: wireshark - In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c h... In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie: resolved (fixed in 2.4.6-1)

CVE-2018-7333 [HIGH] CVE-2018-7333: wireshark - In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.... In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size. Scope: local bookworm: resolved (fixed in 2.4.5-1) bullseye: resolved (fixed in 2.4.5-1) forky: resolved (fixed in 2.4.5-1) sid: resolved (fixed in 2.4.5-1) trixie: resolved (fixed in 2.4.5-1)

CVE-2018-7337 [HIGH] CVE-2018-7337: wireshark - In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was... In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs. Scope: local bookworm: resolved (fixed in 2.4.5-1) bullseye: resolved (fixed in 2.4.5-1) forky: resolved (fixed in 2.4.5-1) sid: resolved (fixed in 2.4.5-1) trixie:

CVE-2018-9267 [HIGH] CVE-2018-9267: wireshark - In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c h... In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie: resolved (fixed in 2.4.6-1)

CVE-2018-9272 [HIGH] CVE-2018-9272: wireshark - In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c h... In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie: resolved (fixed in 2.4.6-1)

CVE-2018-9269 [HIGH] CVE-2018-9269: wireshark - In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c h... In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie: resolved (fixed in 2.4.6-1)

CVE-2018-16058 [HIGH] CVE-2018-16058: wireshark - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth ... In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure. Scope: local bookworm: resolved (fixed in 2.6.3-1) bullseye: resolved (fixed in 2.6.3-1) forky: resolved (fixed in 2.6.3-1) sid: resolved (fixed in 2.6.3-1) tr

CVE-2018-11355 [HIGH] CVE-2018-11355: wireshark - In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/d... In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2018-7323 [HIGH] CVE-2018-7323: wireshark - In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c h... In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing. Scope: local bookworm: resolved (fixed in 2.4.5-1) bullseye: resolved (fixed in 2.4.5-1) forky: resolved (fixed in 2.4.5-1) sid: resolved (fixed in 2.4.5-1) trixie: resolved (fixed in 2.

CVE-2018-9258 [HIGH] CVE-2018-9258: wireshark - In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed i... In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie: resolved (fixed in 2.4.6-1)

CVE-2018-7420 [HIGH] CVE-2018-7420: wireshark - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could cr... In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks. Scope: local bookworm: resolved (fixed in 2.4.5-1) bullseye: resolved (fixed in 2.4.5-1) forky: resolved (fixed in 2.4.5-1) sid: resolved (fixed in 2.4.5-1) trixie: resolved (fixed in 2.4.5-

CVE-2018-9256 [HIGH] CVE-2018-9256: wireshark - In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash... In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie

CVE-2018-9262 [HIGH] CVE-2018-9262: wireshark - In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash.... In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth. Scope: local bookworm: resolved (fixed in 2.4.6-1) bullseye: resolved (fixed in 2.4.6-1) forky: resolved (fixed in 2.4.6-1) sid: resolved (fixed in 2.4.6-1) trixie: resolved

CVE-2018-7325 [HIGH] CVE-2018-7325: wireshark - In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr... In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field. Scope: local bookworm: resolved (fixed in 2.4.5-1) bullseye: resolved (fixed in 2.4.5-1) forky: resolved (fixed in 2.4.5-1) sid: resolved (fixed in 2.4.5-1) trixie: resolved (fixed in 2.4.5-1)