==================================================================== CERT-Renater Note d'Information No. 2018/VULN080 _____________________________________________________________________ DATE : 27/02/2018 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Wireshark versions 2 prior to 2.4.5, 2.2.13. ===================================================================== https://www.wireshark.org/security/wnpa-sec-2018-05.html https://www.wireshark.org/security/wnpa-sec-2018-06.html https://www.wireshark.org/security/wnpa-sec-2018-07.html https://www.wireshark.org/security/wnpa-sec-2018-08.html https://www.wireshark.org/security/wnpa-sec-2018-09.html https://www.wireshark.org/security/wnpa-sec-2018-10.html https://www.wireshark.org/security/wnpa-sec-2018-11.html https://www.wireshark.org/security/wnpa-sec-2018-12.html https://www.wireshark.org/security/wnpa-sec-2018-13.html https://www.wireshark.org/security/wnpa-sec-2018-14.html _____________________________________________________________________ wnpa-sec-2018-05 · IEEE 802.11 dissector crash Summary Name: IEEE 802.11 dissector crash Docid: wnpa-sec-2018-05 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14442 CVE-2018-7335 Details Description The IEEE 802.11 dissector could crash. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. _____________________________________________________________________ wnpa-sec-2018-06 · Large or infinite loops in multiple dissectors Summary Name: Large or infinite loops in multiple dissectors Docid: wnpa-sec-2018-06 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14379 Wireshark bug 14408 Wireshark bug 14411 Wireshark bug 14412 Wireshark bug 14413 Wireshark bug 14414 Wireshark bug 14419 Wireshark bug 14420 Wireshark bug 14421 Wireshark bug 14423 Wireshark bug 14428 Wireshark bug 14444 Wireshark bug 14445 Wireshark bug 14449 CVE-2018-7321 CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7325 CVE-2018-7326 CVE-2018-7327 CVE-2018-7328 CVE-2018-7329 CVE-2018-7330 CVE-2018-7331 CVE-2018-7332 CVE-2018-7333 Details Description Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB, and WCCP dissectors were susceptible. Impact It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. _____________________________________________________________________ wnpa-sec-2018-07 · UMTS MAC dissector crash Summary Name: UMTS MAC dissector crash Docid: wnpa-sec-2018-07 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14339 CVE-2018-7334 Details Description The UMTS MAC dissector could crash. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. _____________________________________________________________________ wnpa-sec-2018-08 · DOCSIS dissector crash Summary Name: DOCSIS dissector crash Docid: wnpa-sec-2018-08 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4 Fixed versions: 2.4.5 References: Wireshark bug 14446 CVE-2018-7337 Details Description The DOCSIS dissector could crash. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5 or later. _____________________________________________________________________ wnpa-sec-2018-09 · FCP dissector crash Summary Name: FCP dissector crash Docid: wnpa-sec-2018-09 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14374 CVE-2018-7336 Details Description The FCP dissector could crash. Discovered by Otto Airamo and Antti Levomäki, Forcepoint. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. _____________________________________________________________________ wnpa-sec-2018-10 · SIGCOMP dissector crash Summary Name: SIGCOMP dissector crash Docid: wnpa-sec-2018-10 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14398 CVE-2018-7320 Details Description The SIGCOMP dissector could crash. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. _____________________________________________________________________ wnpa-sec-2018-11 · Pcapng file parser crash Summary Name: Pcapng file parser crash Docid: wnpa-sec-2018-11 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14403 Details Description The pcapng file parser could crash. Discovered by Magnus Stubman. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. _____________________________________________________________________ wnpa-sec-2018-12 · IPMI dissector crash Summary Name: IPMI dissector crash Docid: wnpa-sec-2018-12 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14409 Details Description The IPMI dissector could crash. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. _____________________________________________________________________ wnpa-sec-2018-13 · SIGCOMP dissector crash Summary Name: SIGCOMP dissector crash Docid: wnpa-sec-2018-13 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14410 Details Description The SIGCOMP dissector could crash. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. _____________________________________________________________________ wnpa-sec-2018-14 · NBAP dissector crash Summary Name: NBAP dissector crash Docid: wnpa-sec-2018-14 Date: February 23, 2018 Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12 Fixed versions: 2.4.5, 2.2.13 References: Wireshark bug 14443 Details Description The NBAP dissector could crash. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 2.4.5, 2.2.13 or later. ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================