Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 513094 (CVE-2014-4020) - <net-analyzer/wireshark-{1.8.15,1.10.8}: Frame metadissector could crash (CVE-2014-4020)(wnpa-sec-2014-07)
Summary: <net-analyzer/wireshark-{1.8.15,1.10.8}: Frame metadissector could crash (CVE...
Alias: CVE-2014-4020
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa]
Depends on:
Reported: 2014-06-13 09:36 UTC by Frank Krömmelbein
Modified: 2014-07-01 19:42 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Frank Krömmelbein 2014-06-13 09:36:15 UTC
Version bump request.

Release Notes:

Reproducible: Always
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2014-06-13 10:02:35 UTC
It was reported that Wireshark's Frame metadissector could crash. It may be
possible to make Wireshark crash by injecting a malformed packet onto the wire
or by convincing someone to read a malformed packet trace file.

This is reported to affect Wireshark versions 1.10.0 to 1.10.7.  It is fixed in
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2014-06-13 12:45:51 UTC
Arch teams, please test and mark stable:
Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2014-06-13 21:05:45 UTC
Stable for HPPA.
Comment 4 Agostino Sarubbo gentoo-dev 2014-06-13 21:45:13 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2014-06-13 21:45:35 UTC
x86 stable
Comment 6 Tobias Klausmann (RETIRED) gentoo-dev 2014-06-17 14:10:44 UTC
Stable on alpha.
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2014-06-17 14:15:35 UTC
(In reply to Tobias Klausmann from comment #6)
> Stable on alpha.

You didn't stabilise =net-analyzer/wireshark-1.8.15 or mention here why you didn't.
Comment 8 Tobias Klausmann (RETIRED) gentoo-dev 2014-06-17 14:33:29 UTC
My bad, fixed.
Comment 9 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2014-06-22 17:32:58 UTC
sparc stable
Comment 10 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2014-06-27 16:55:05 UTC
ia64 stable
Comment 11 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2014-06-29 09:12:00 UTC
ppc* stable

Added to existing glsa draft.

Cleanup, please!
Comment 12 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2014-06-29 15:00:47 UTC
Cleanup done by  Jeroen Roovers.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2014-06-29 16:14:47 UTC
This issue was resolved and addressed in
 GLSA 201406-33 at
by GLSA coordinator Mikle Kolyada (Zlogene).
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2014-07-01 19:42:52 UTC
CVE-2014-4020 (
  The dissect_frame function in epan/dissectors/packet-frame.c in the frame
  metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative
  integer as a length value even though it was intended to represent an error
  condition, which allows remote attackers to cause a denial of service
  (application crash) via a crafted packet.