Summary: | <net-analyzer/wireshark-1.12.6 - WCCP dissector crash, GSM DTAP dissector crash (CVE-2015-{4651,4652}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | | Runtime testing required: | --- |
Description
Jeroen Roovers (RETIRED)
2015-06-18 04:42:44 UTC
Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.12.6
Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86

amd64 stable

Stable for PPC64.

Stable for HPPA.

x86 stable

ppc stable

alpha stable

sparc stable

ia64 stable

Please, cleanup!

Added to existing glsa draft

CVE-2015-4652 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4652): epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.

CVE-2015-4651 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4651): The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Old dropped because it was keyworded only on ia64

This issue was resolved and addressed in GLSA 201510-03 at https://security.gentoo.org/glsa/201510-03 by GLSA coordinator Kristian Fiskerstrand (K_F).