In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory.
It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Upgrade to 3.2.2 or later
and few more bugs in wireshark were reported:
The EAP dissector could crash.
The WireGuard dissector could crash.
The WiMax DLMAP dissector could crash.
Maintainers, please create an appropriate ebuild, and call for stabilization when ready.
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE
RRC dissector could leak memory. This was addressed in
epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax
DLMAP dissector could crash. This was addressed in
plugins/epan/wimax/msg_dlmap.c by validating a length field.
In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was
addressed in epan/dissectors/packet-wireguard.c by handling the situation
where a certain data structure intentionally has a NULL value.
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP
dissector could crash. This was addressed in epan/dissectors/packet-eap.c by
using more careful sscanf parsing.
@maintainer(s), please advise if ready for stabilisation, or call yourself.
Resetting sanity check; package list is empty or all packages are done.
This issue was resolved and addressed in
GLSA 202007-13 at https://security.gentoo.org/glsa/202007-13
by GLSA coordinator Sam James (sam_c).