In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. Impact: It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Solution: Upgrade to 3.2.2 or later References: https://www.wireshark.org/security/wnpa-sec-2020-03.html https://nvd.nist.gov/vuln/detail/CVE-2020-9431 https://www.tenable.com/cve/CVE-2020-9431 https://vulmon.com/vulnerabilitydetails?qid=CVE-2020-9431
and few more bugs in wireshark were reported: CVE-2020-9428 The EAP dissector could crash. References: https://www.wireshark.org/security/wnpa-sec-2020-05.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16397 https://nvd.nist.gov/vuln/detail/CVE-2020-9428 CVE-2020-9429 The WireGuard dissector could crash. References: https://www.wireshark.org/security/wnpa-sec-2020-06.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16394 https://nvd.nist.gov/vuln/detail/CVE-2020-9429 CVE-2020-9430 The WiMax DLMAP dissector could crash. https://www.wireshark.org/security/wnpa-sec-2020-04.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368 https://nvd.nist.gov/vuln/detail/CVE-2020-9430
Maintainers, please create an appropriate ebuild, and call for stabilization when ready.
CVE-2020-9431 (https://nvd.nist.gov/vuln/detail/CVE-2020-9431): In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations. CVE-2020-9430 (https://nvd.nist.gov/vuln/detail/CVE-2020-9430): In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field. CVE-2020-9429 (https://nvd.nist.gov/vuln/detail/CVE-2020-9429): In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value. CVE-2020-9428 (https://nvd.nist.gov/vuln/detail/CVE-2020-9428): In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.
@maintainer(s), please advise if ready for stabilisation, or call yourself.
Resetting sanity check; package list is empty or all packages are done.
This issue was resolved and addressed in GLSA 202007-13 at https://security.gentoo.org/glsa/202007-13 by GLSA coordinator Sam James (sam_c).