Summary: | <net-analyzer/wireshark-{1.8.15,1.10.8}: Frame metadissector could crash (CVE-2014-4020)(wnpa-sec-2014-07) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Frank Krömmelbein <kroemmelbein> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | netmon |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.wireshark.org/security/wnpa-sec-2014-07.html | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Frank Krömmelbein
2014-06-13 09:36:15 UTC
It was reported that Wireshark's Frame metadissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This is reported to affect Wireshark versions 1.10.0 to 1.10.7. It is fixed in 1.10.8.

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030

Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.8.15
=net-analyzer/wireshark-1.10.8

Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86

Stable for HPPA.

amd64 stable

x86 stable

Stable on alpha.

(In reply to Tobias Klausmann from comment #6)
> Stable on alpha.

You didn't stabilise =net-analyzer/wireshark-1.8.15 or mention here why you didn't.

My bad, fixed.

sparc stable

ia64 stable

ppc* stable

Added to existing glsa draft.

Cleanup, please!

Cleanup done by Jeroen Roovers.

This issue was resolved and addressed in GLSA 201406-33 at http://security.gentoo.org/glsa/glsa-201406-33.xml by GLSA coordinator Mikle Kolyada (Zlogene).

CVE-2014-4020 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4020): The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
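The CVE text above describes a defect class rather than a specific crafted input: a sub-dissector signals failure with a negative return value, and the caller forwards that value as a length. The following C snippet is an added illustration of that pattern and of the check that closes it; it is not Wireshark's dissect_frame code or anything from packet-frame.c. The functions parse_field, next_offset_unchecked and next_offset_checked are hypothetical names chosen here, and the two sample frames are constructed, not captured traffic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample frames (not captured traffic). Each frame starts with a
 * 2-byte big-endian length followed by that many payload bytes. */
const uint8_t good_frame[] = {0x00, 0x03, 'a', 'b', 'c'};
const uint8_t bad_frame[]  = {0x00, 0x10, 'a'};   /* declares 16 bytes, carries 1 */

/* Hypothetical sub-dissector (not Wireshark's code): returns the number of
 * bytes consumed, or -1 when the frame is truncated or malformed. */
int parse_field(const uint8_t *buf, size_t buflen)
{
    if (buflen < 2)
        return -1;                          /* no room for the 2-byte length header */
    size_t declared = ((size_t)buf[0] << 8) | buf[1];
    if (declared + 2 > buflen)
        return -1;                          /* claims more bytes than were captured */
    return (int)(declared + 2);             /* at most 65537, fits in an int */
}

/* The pattern the CVE text names: the caller uses the return value as a length
 * without looking at its sign, so -1 becomes SIZE_MAX once converted. */
size_t next_offset_unchecked(const uint8_t *buf, size_t buflen)
{
    int consumed = parse_field(buf, buflen);
    return (size_t)consumed;                /* -1 silently turns into SIZE_MAX */
}

/* Corrected pattern: a negative return is an error, never a length. The offset
 * is handed back through an out-parameter so the error path cannot be confused
 * with a valid value. Returns 0 on success, -1 on a malformed frame. */
int next_offset_checked(const uint8_t *buf, size_t buflen, size_t *offset)
{
    int consumed = parse_field(buf, buflen);
    if (consumed < 0 || (size_t)consumed > buflen)
        return -1;                          /* report the bad frame, do not dissect further */
    *offset = (size_t)consumed;
    return 0;
}

int main(void)
{
    size_t off = 0;

    printf("good frame, unchecked: offset %zu of %zu bytes\n",
           next_offset_unchecked(good_frame, sizeof good_frame), sizeof good_frame);
    printf("bad frame, unchecked:  offset %zu of %zu bytes (out of range)\n",
           next_offset_unchecked(bad_frame, sizeof bad_frame), sizeof bad_frame);

    if (next_offset_checked(bad_frame, sizeof bad_frame, &off) < 0)
        printf("bad frame, checked:    rejected as malformed\n");
    if (next_offset_checked(good_frame, sizeof good_frame, &off) == 0)
        printf("good frame, checked:   offset %zu\n", off);
    return 0;
}
```

The unchecked variant does not crash by itself; it returns an offset larger than the buffer, and whatever consumes that offset next is where the out-of-bounds read happens. That is why the check belongs at the point where the error code is converted into a length, not further downstream.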