Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 711012 (CVE-2020-9428, CVE-2020-9429, CVE-2020-9430, CVE-2020-9431) - <net-analyzer/wireshark-3.2.2 : multiple vulnerabilities (CVE-2020-{9428-9431})
Summary: <net-analyzer/wireshark-3.2.2 : multiple vulnerabilities (CVE-2020-{9428-9431})
Status: RESOLVED FIXED
Alias: CVE-2020-9428, CVE-2020-9429, CVE-2020-9430, CVE-2020-9431
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugs.wireshark.org/bugzilla/s...
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on: CVE-2020-13164, wnpa-sec-2020-08 CVE-2020-15466
Blocks:
  Show dependency tree
 
Reported: 2020-02-28 07:32 UTC by filip ambroz
Modified: 2020-07-26 23:49 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description filip ambroz 2020-02-28 07:32:43 UTC
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory.

Impact:
It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. 

Solution:
Upgrade to 3.2.2 or later

References:
https://www.wireshark.org/security/wnpa-sec-2020-03.html
https://nvd.nist.gov/vuln/detail/CVE-2020-9431
https://www.tenable.com/cve/CVE-2020-9431
https://vulmon.com/vulnerabilitydetails?qid=CVE-2020-9431
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2020-03-04 16:03:34 UTC
Maintainers, please create an appropriate ebuild, and call for stabilization when ready.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2020-03-04 16:04:54 UTC
CVE-2020-9431 (https://nvd.nist.gov/vuln/detail/CVE-2020-9431):
  In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE
  RRC dissector could leak memory. This was addressed in
  epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

CVE-2020-9430 (https://nvd.nist.gov/vuln/detail/CVE-2020-9430):
  In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax
  DLMAP dissector could crash. This was addressed in
  plugins/epan/wimax/msg_dlmap.c by validating a length field.

CVE-2020-9429 (https://nvd.nist.gov/vuln/detail/CVE-2020-9429):
  In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was
  addressed in epan/dissectors/packet-wireguard.c by handling the situation
  where a certain data structure intentionally has a NULL value.

CVE-2020-9428 (https://nvd.nist.gov/vuln/detail/CVE-2020-9428):
  In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP
  dissector could crash. This was addressed in epan/dissectors/packet-eap.c by
  using more careful sscanf parsing.
Comment 4 Sam James archtester gentoo-dev Security 2020-03-26 19:31:50 UTC
@maintainer(s), please advise if ready for stabilisation, or call yourself.
Comment 5 NATTkA bot gentoo-dev 2020-04-12 19:21:57 UTC
Resetting sanity check; package list is empty or all packages are done.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2020-07-26 23:49:35 UTC
This issue was resolved and addressed in
 GLSA 202007-13 at https://security.gentoo.org/glsa/202007-13
by GLSA coordinator Sam James (sam_c).