Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 668416 (CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227) - <net-analyzer/wireshark-2.6.4 multiple vulnerabilities
Summary: <net-analyzer/wireshark-2.6.4 multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://www.wireshark.org/lists/wires...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on: CVE-2019-9208, CVE-2019-9209
Blocks:
  Show dependency tree
 
Reported: 2018-10-12 07:41 UTC by Jeroen Roovers (RETIRED)
Modified: 2019-03-20 13:57 UTC (History)
1 user (show)

See Also:
Package list:
=net-analyzer/wireshark-2.6.4
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers (RETIRED) gentoo-dev 2018-10-12 07:41:29 UTC 
The following vulnerabilities have been fixed:

     • wnpa-sec-2018-47[1] MS-WSP dissector crash. Bug 15119[2].
       CVE-2018-18227[3].

     • wnpa-sec-2018-48[4] Steam IHS Discovery dissector memory leak.
       Bug 15171[5]. CVE-2018-18226[6].

     • wnpa-sec-2018-49[7] CoAP dissector crash. Bug 15172[8].
       CVE-2018-18225[9].

     • wnpa-sec-2018-50[10] OpcUA dissector crash. CVE-2018-12086[11].
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2019-03-11 05:59:34 UTC 
CVE-2018-12086 Detail
Current Description
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.

______________________________

CVE-2018-18225 Detail
Current Description
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.

______________________________

CVE-2018-18226 Detail
Current Description
In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.

______________________________

CVE-2018-18227 Detail
Current Description
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.