Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 690192 (CVE-2019-13619, wnpa-sec-2019-20) - <net-analyzer/wireshark-3.0.3 : ASN.1 BER and related dissectors could crash
Summary: <net-analyzer/wireshark-3.0.3 : ASN.1 BER and related dissectors could crash
Status: RESOLVED FIXED
Alias: CVE-2019-13619, wnpa-sec-2019-20
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://www.wireshark.org/security/wn...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-07-19 01:29 UTC by D'juan McDonald (domhnall)
Modified: 2020-04-16 07:41 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description D'juan McDonald (domhnall) 2019-07-19 01:29:21 UTC
(http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13619):

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.


Gentoo Security Padawan
(domhnall)
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-26 19:33:16 UTC
Tree is clean!
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2020-04-16 07:41:14 UTC
GLSA Vote: No
Thank you all for you work. 
Closing as [noglsa].