Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 711012 (CVE-2020-9428, CVE-2020-9429, CVE-2020-9430, CVE-2020-9431)

Summary: <net-analyzer/wireshark-3.2.2 : multiple vulnerabilities (CVE-2020-{9428-9431})
Product: Gentoo Security Reporter: filip ambroz <filip.ambroz>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: netmon
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16341
Whiteboard: B3 [glsa+ cve]
Package list:
Runtime testing required: ---
Bug Depends on: 724132, 730414    
Bug Blocks:    

Description filip ambroz 2020-02-28 07:32:43 UTC 
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory.

Impact:
It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. 

Solution:
Upgrade to 3.2.2 or later

References:
https://www.wireshark.org/security/wnpa-sec-2020-03.html
https://nvd.nist.gov/vuln/detail/CVE-2020-9431
https://www.tenable.com/cve/CVE-2020-9431
https://vulmon.com/vulnerabilitydetails?qid=CVE-2020-9431
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2020-03-04 16:03:34 UTC 
Maintainers, please create an appropriate ebuild, and call for stabilization when ready.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2020-03-04 16:04:54 UTC 
CVE-2020-9431 (https://nvd.nist.gov/vuln/detail/CVE-2020-9431):
  In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE
  RRC dissector could leak memory. This was addressed in
  epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

CVE-2020-9430 (https://nvd.nist.gov/vuln/detail/CVE-2020-9430):
  In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax
  DLMAP dissector could crash. This was addressed in
  plugins/epan/wimax/msg_dlmap.c by validating a length field.

CVE-2020-9429 (https://nvd.nist.gov/vuln/detail/CVE-2020-9429):
  In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was
  addressed in epan/dissectors/packet-wireguard.c by handling the situation
  where a certain data structure intentionally has a NULL value.

CVE-2020-9428 (https://nvd.nist.gov/vuln/detail/CVE-2020-9428):
  In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP
  dissector could crash. This was addressed in epan/dissectors/packet-eap.c by
  using more careful sscanf parsing.
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-26 19:31:50 UTC 
@maintainer(s), please advise if ready for stabilisation, or call yourself.
Comment 5 NATTkA bot gentoo-dev 2020-04-12 19:21:57 UTC 
Resetting sanity check; package list is empty or all packages are done.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2020-07-26 23:49:35 UTC 
This issue was resolved and addressed in
 GLSA 202007-13 at https://security.gentoo.org/glsa/202007-13
by GLSA coordinator Sam James (sam_c).