Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC

Bug 503792 (CVE-2014-2281)

Summary: <net-analyzer/wireshark-{1.8.13,1.10.6}: multiple vulnerabilities (CVE-2014-{2281,2282,2283,2299})
Product: Gentoo Security Reporter: Jeroen Roovers <jer>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: netmon
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.wireshark.org/lists/wireshark-announce/201403/msg00000.html
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Jeroen Roovers gentoo-dev 2014-03-07 22:54:49 UTC
1.8.13:

   The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2014-01
       The NFS dissector could crash. Discovered by Moshe Kaplan.
       ([2]Bug 9672)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [3]CVE-2014-2281
     * [4]wnpa-sec-2014-03
       The RLC dissector could crash. ([5]Bug 9730)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [6]CVE-2014-2283
     * [7]wnpa-sec-2014-04
       The MPEG file parser could overflow a buffer. Discovered by
       Wesley Neelen. ([8]Bug 9843)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [9]CVE-2014-2299

1.10.6:

   The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2014-01
       The NFS dissector could crash. Discovered by Moshe Kaplan.
       ([2]Bug 9672)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [3]CVE-2014-2281
     * [4]wnpa-sec-2014-02
       The M3UA dissector could crash. Discovered by Laurent
       Butti. ([5]Bug 9699)
       Versions affected: 1.10.0 to 1.10.5
       [6]CVE-2014-2282
     * [7]wnpa-sec-2014-03
       The RLC dissector could crash. ([8]Bug 9730)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [9]CVE-2014-2283
     * [10]wnpa-sec-2014-04
       The MPEG file parser could overflow a buffer. Discovered by
       Wesley Neelen. ([11]Bug 9843)
       Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12
       [12]CVE-2014-2299
Comment 1 Jeroen Roovers gentoo-dev 2014-03-08 01:43:22 UTC
Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.8.13
=net-analyzer/wireshark-1.10.6
Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86
Comment 2 Jeroen Roovers gentoo-dev 2014-03-08 17:07:29 UTC
Stable for HPPA.
Comment 3 Agostino Sarubbo gentoo-dev 2014-03-09 09:52:16 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2014-03-09 09:53:17 UTC
x86 stable
Comment 5 Agostino Sarubbo gentoo-dev 2014-03-12 10:37:43 UTC
sparc stable
Comment 6 Agostino Sarubbo gentoo-dev 2014-03-16 11:11:36 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2014-03-18 16:12:13 UTC
ia64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2014-03-19 14:21:26 UTC
alpha stable
Comment 9 Agostino Sarubbo gentoo-dev 2014-03-24 14:34:27 UTC
ppc64 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 10 Yury German Gentoo Infrastructure gentoo-dev Security 2014-03-24 22:47:09 UTC
Arches and Maintainer(s), Thank you for your work.

Created new GLSA request.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2014-04-10 21:31:18 UTC
CVE-2014-2299 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2299):
  Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG
  parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows
  remote attackers to execute arbitrary code or cause a denial of service
  (application crash) via a large record in MPEG data.

CVE-2014-2283 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2283):
  epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before
  1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management
  approaches, which allows remote attackers to cause a denial of service
  (use-after-free error and application crash) via a crafted UMTS Radio Link
  Control packet.

CVE-2014-2282 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2282):
  The dissect_protocol_data_parameter function in
  epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x
  before 1.10.6 does not properly allocate memory, which allows remote
  attackers to cause a denial of service (application crash) via a crafted SS7
  MTP3 packet.

CVE-2014-2281 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2281):
  The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the
  NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does
  not validate a certain length value, which allows remote attackers to cause
  a denial of service (memory corruption and application crash) via a crafted
  NFS packet.
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2014-06-29 16:14:41 UTC
This issue was resolved and addressed in
 GLSA 201406-33 at http://security.gentoo.org/glsa/glsa-201406-33.xml
by GLSA coordinator Mikle Kolyada (Zlogene).