Debian Wireshark vulnerabilities

CVE-2020-9430 [HIGH] CVE-2020-9430: wireshark - In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMA... In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field. Scope: local bookworm: resolved (fixed in 3.2.2-1) bullseye: resolved (fixed in 3.2.2-1) forky: resolved (fixed in 3.2.2-1) sid: resolved (fixed in 3.2.2-1) trixie: resolved (fixed

CVE-2020-25863 [HIGH] CVE-2020-25863: wireshark - In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Mult... In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts. Scope: local bookworm: resolved (fixed in 3.2.7-1) bullseye: resolved (fixed in 3.2.7-1) forky: resolved (fixed in 3.2.7-1) sid: resolved (fixed i

CVE-2020-9431 [HIGH] CVE-2020-9431: wireshark - In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC di... In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations. Scope: local bookworm: resolved (fixed in 3.2.2-1) bullseye: resolved (fixed in 3.2.2-1) forky: resolved (fixed in 3.2.2-1) sid: resolved (fixed in 3.2.2-1) trixie: r

CVE-2020-25866 [HIGH] CVE-2020-25866: wireshark - In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has... In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs. Scope: local bookworm: resolved (fixed in 3.2.7-1) bullseye: resolve

CVE-2020-26421 [MEDIUM] CVE-2020-26421: wireshark - Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3... Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Scope: local bookworm: resolved (fixed in 3.4.1-1) bullseye: resolved (fixed in 3.4.1-1) forky: resolved (fixed in 3.4.1-1) sid: resolved (fixed in 3.4.1-1) trixie: resolved (fixed in 3.4.1

CVE-2020-17498 [MEDIUM] CVE-2020-17498: wireshark - In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was ... In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression. Scope: local bookworm: resolved (fixed in 3.2.6-1) bullseye: resolved (fixed in 3.2.6-1) forky: resolved (fixed in 3.2.6-1) sid: resolved (fixed in 3.2.6-1) trixie: resolved (fixed in 3.2.

CVE-2020-7045 [MEDIUM] CVE-2020-7045: wireshark - In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addr... In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes. Scope: local bookworm: resolved (fixed in 3.2.0-1) bullseye: resolved (fixed in 3.2.0-1) forky: resolved (fixed in 3.2.0-1) sid: resolved (fixed in 3.2.0-1) trixie: resolved (fixed in 3.2.0-1)

CVE-2020-26422 [LOW] CVE-2020-26422: wireshark - Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of s... Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2020-11647 [HIGH] CVE-2020-11647: wireshark - In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dis... In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion. Scope: local bookworm: resolved (fixed in 3.2.3-1) bullseye: resolved (fixed in 3.2.3-1) forky: resolved (fixed in 3.2.3-1) sid: resolved (fixed in 3.2.3-1) trixie: resolved (

CVE-2020-9428 [HIGH] CVE-2020-9428: wireshark - In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissec... In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing. Scope: local bookworm: resolved (fixed in 3.2.2-1) bullseye: resolved (fixed in 3.2.2-1) forky: resolved (fixed in 3.2.2-1) sid: resolved (fixed in 3.2.2-1) trixie: resolved (fixed i

CVE-2020-26418 [LOW] CVE-2020-26418: wireshark - Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 al... Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Scope: local bookworm: resolved (fixed in 3.4.1-1) bullseye: resolved (fixed in 3.4.1-1) forky: resolved (fixed in 3.4.1-1) sid: resolved (fixed in 3.4.1-1) trixie: resolved (fixed in 3.4.1-1)

CVE-2020-15466 [HIGH] CVE-2020-15466: wireshark - In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. ... In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations. Scope: local bookworm: resolved (fixed in 3.2.5-1) bullseye: resolved (fixed in 3.2.5-1) forky: resolved (fixed in 3.2.5-1) sid: resolved (fixed in 3.2.5-1) trixie: resolved (fix

CVE-2020-26419 [LOW] CVE-2020-26419: wireshark - Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service... Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. Scope: local bookworm: resolved (fixed in 3.4.1-1) bullseye: resolved (fixed in 3.4.1-1) forky: resolved (fixed in 3.4.1-1) sid: resolved (fixed in 3.4.1-1) trixie: resolved (fixed in 3.4.1-1)

CVE-2020-26420 [LOW] CVE-2020-26420: wireshark - Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 all... Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Scope: local bookworm: resolved (fixed in 3.4.1-1) bullseye: resolved (fixed in 3.4.1-1) forky: resolved (fixed in 3.4.1-1) sid: resolved (fixed in 3.4.1-1) trixie: resolved (fixed in 3.4.1-1)

CVE-2020-13164 [HIGH] CVE-2020-13164: wireshark - In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS disse... In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem. Scope: local bookworm: resolved (fixed in 3.2.4-1) bullseye: resolved (fixed in 3.2.4-1) forky: resolved (fixed in 3.2.4-1

CVE-2019-9214 [HIGH] CVE-2019-9214: wireshark - In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash... In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation. Scope: local bookworm: resolved (fixed in 2.6.7-1) bullseye: resolved (fixed in 2.6.7-1) forky: resolved (fixed in 2.6.7-1) sid: resolved (fixed in 2.6.7-1) trixie: resolve

CVE-2019-9208 [HIGH] CVE-2019-9208: wireshark - In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash.... In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences. Scope: local bookworm: resolved (fixed in 2.6.7-1) bullseye: resolved (fixed in 2.6.7-1) forky: resolved (fixed in 2.6.7-1) sid: resolved (fixed in 2.6.7-1) trixie: resolved (fixed in 2.6.7-1

CVE-2019-5721 [MEDIUM] CVE-2019-5721: wireshark - In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed... In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided. Scope: local bookworm: resolved (fixed in 2.6.1-1) bullseye: resolved (fixed in 2.6.1-1) forky: resolved (fixed in 2.6.1-1) sid: resolved (fixed in 2.6.1-1) trixie: resolve

CVE-2019-9209 [MEDIUM] CVE-2019-9209: wireshark - In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related disse... In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values. Scope: local bookworm: resolved (fixed in 2.6.7-1) bullseye: resolved (fixed in 2.6.7-1) forky: resolved (fixed in 2.6.7-1) sid: resolv

CVE-2019-10896 [HIGH] CVE-2019-10896: wireshark - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could... In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes. Scope: local bookworm: resolved (fixed in 2.6.8-1) bullseye: resolved (fixed in 2.6.8-1) forky: resolved (fixed in 2.6.8-1) sid: resolved (fixed in 2.6.8-1) trixie: resolved (fi