Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC
Bug 635546 (CVE-2017-11406, CVE-2017-11407, CVE-2017-11408, CVE-2017-11409, CVE-2017-11410, CVE-2017-11411) - net-analyzer/wireshark: Multiple vulnerabilities
Summary: net-analyzer/wireshark: Multiple vulnerabilities
Status: RESOLVED INVALID
Alias: CVE-2017-11406, CVE-2017-11407, CVE-2017-11408, CVE-2017-11409, CVE-2017-11410, CVE-2017-11411
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://www.wireshark.org/security/
Whiteboard: B3 [ebuild cve blocked]
Keywords:
Depends on: CVE-2017-13765, CVE-2017-13766, CVE-2017-13767 635686
Blocks:
  Show dependency tree
 
Reported: 2017-10-27 00:39 UTC by GLSAMaker/CVETool Bot
Modified: 2018-10-12 07:44 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2017-10-27 00:39:14 UTC
CVE-2017-11411 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11411):
  In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY
  dissector could crash or exhaust system memory. This was addressed in
  epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this
  vulnerability exists because of an incomplete fix for CVE-2017-9350.

CVE-2017-11410 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11410):
  In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector
  could go into an infinite loop, triggered by packet injection or a malformed
  capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding
  validation of the relationships between indexes and lengths. NOTE: this
  vulnerability exists because of an incomplete fix for CVE-2017-7702.

CVE-2017-11409 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11409):
  In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large
  loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a
  different integer data type.

CVE-2017-11408 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11408):
  In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could
  crash. This was addressed in epan/dissectors/packet-amqp.c by checking for
  successful list dissection.

CVE-2017-11407 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11407):
  In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could
  crash. This was addressed in epan/dissectors/packet-mq.c by validating the
  fragment length before a reassembly attempt.

CVE-2017-11406 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11406):
  In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could
  go into an infinite loop. This was addressed in
  plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter
  values.
Comment 1 Jeroen Roovers gentoo-dev 2017-10-27 01:30:33 UTC
Bug #625474	net-analyzer/wireshark: Multiple Vulnerabilities
Bug #629370	net-analyzer/wireshark: multiple vulnerabilities
Bug #629454	net-analyzer/wireshark: Modbus dissector crash (wnpa-sec-2017-40)
Bug #634872	net-analyzer/wireshark: Multiple vulnerabilities
(Bug #635546	net-analyzer/wireshark: Multiple vulnerabilities)

It's so confusing without versions, isn't it? Now of which of these is this bug report a duplicate?
Comment 2 D'juan McDonald (domhnall) 2017-10-27 17:32:44 UTC
Aggregating upstream security announcements for reference URL(s).

CVE-2017-11406(https://www.wireshark.org/security/wnpa-sec-2017-36.html):
CVE-2017-11407(https://www.wireshark.org/security/wnpa-sec-2017-35.html):
CVE-2017-11408(https://www.wireshark.org/security/wnpa-sec-2017-34.html):
CVE-2017-11409(https://www.wireshark.org/security/wnpa-sec-2017-37.html):
CVE-2017-11410(https://www.wireshark.org/security/wnpa-sec-2017-13.html):
CVE-2017-11411(https://www.wireshark.org/security/wnpa-sec-2017-28.html):

Gentoo Security Padawan
(jmbailey/mbailey_j)
Comment 3 Jeroen Roovers gentoo-dev 2018-10-12 07:44:14 UTC
(In reply to Jeroen Roovers from comment #1)
> Bug #625474	net-analyzer/wireshark: Multiple Vulnerabilities
> Bug #629370	net-analyzer/wireshark: multiple vulnerabilities
> Bug #629454	net-analyzer/wireshark: Modbus dissector crash (wnpa-sec-2017-40)
> Bug #634872	net-analyzer/wireshark: Multiple vulnerabilities
> (Bug #635546	net-analyzer/wireshark: Multiple vulnerabilities)
> 
> It's so confusing without versions, isn't it? Now of which of these is this
> bug report a duplicate?

No answer.