2015-04-03 20:59:31 |
Thomas Ward |
bug |
|
|
added bug |
2015-04-03 20:59:45 |
Thomas Ward |
nominated for series |
|
Ubuntu Trusty |
|
2015-04-03 20:59:45 |
Thomas Ward |
nominated for series |
|
Ubuntu Utopic |
|
2015-04-03 21:00:10 |
Thomas Ward |
description |
There are 6 new CVEs which impact Wireshark in Utopic. (Three of these also affect Precise)
------
CVE-2015-2187: (Utopic)
The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet.
CVE-2015-2188: (Precise, Utopic)
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.
CVE-2015-2189: (Precise, Utopic)
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
CVE-2015-2190: (Utopic)
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector.
CVE-2015-2191: (Precise, Utopic)
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
CVE-2015-2192: (Utopic)
Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
------
Vivid is not affected by these CVEs as the archive autosync pulled in a version from Debian that has patches from Wireshark 1.12.4 which fix the problem.
Precise and Utopic are affected.
Importance set to medium because the majority of these CVEs have a "medium" severity in the Ubuntu CVE tracker. |
There are 6 new CVEs which impact Wireshark in Utopic. (Three of these also affect Trusty)
------
CVE-2015-2187: (Utopic)
The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet.
CVE-2015-2188: (Trusty, Utopic)
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.
CVE-2015-2189: (Trusty, Utopic)
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
CVE-2015-2190: (Utopic)
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector.
CVE-2015-2191: (Trusty, Utopic)
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
CVE-2015-2192: (Utopic)
Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
------
Vivid is not affected by these CVEs as the archive autosync pulled in a version from Debian that has patches from Wireshark 1.12.4 which fix the problem.
Trusty and Utopic are affected.
Importance set to medium because the majority of these CVEs have a "medium" severity in the Ubuntu CVE tracker. |
|
2015-04-03 21:00:17 |
Thomas Ward |
tags |
precise utopic |
trusty utopic |
|
2015-04-03 21:01:57 |
Marc Deslauriers |
bug task added |
|
wireshark (Ubuntu Trusty) |
|
2015-04-03 21:02:03 |
Marc Deslauriers |
bug task added |
|
wireshark (Ubuntu Utopic) |
|
2015-04-03 21:03:14 |
Thomas Ward |
wireshark (Ubuntu Trusty): status |
New |
Confirmed |
|
2015-04-03 21:03:16 |
Thomas Ward |
wireshark (Ubuntu Utopic): status |
New |
Confirmed |
|
2015-04-03 21:03:18 |
Thomas Ward |
wireshark (Ubuntu Trusty): importance |
Undecided |
Critical |
|
2015-04-03 21:03:20 |
Thomas Ward |
wireshark (Ubuntu Trusty): importance |
Critical |
Medium |
|
2015-04-03 21:03:21 |
Thomas Ward |
wireshark (Ubuntu Utopic): importance |
Undecided |
Medium |
|
2015-04-03 21:03:44 |
Thomas Ward |
wireshark (Ubuntu): status |
Confirmed |
Fix Released |
|
2015-04-03 21:05:11 |
Thomas Ward |
cve linked |
|
2015-2187 |
|
2015-04-03 21:05:22 |
Thomas Ward |
cve linked |
|
2015-2188 |
|
2015-04-03 21:05:34 |
Thomas Ward |
cve linked |
|
2015-2189 |
|
2015-04-03 21:05:44 |
Thomas Ward |
cve linked |
|
2015-2190 |
|
2015-04-03 21:05:59 |
Thomas Ward |
cve linked |
|
2015-2191 |
|
2015-04-03 21:06:07 |
Thomas Ward |
cve linked |
|
2015-2192 |
|
2015-04-03 21:23:33 |
Thomas Ward |
attachment added |
|
Utopic Debdiff: 1.12.1+g01b65bf-2~ubuntu14.10.2 to 1.12.1+g01b65bf-2~ubuntu14.10.3 https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/1440202/+attachment/4365458/+files/lp1440202-utopic.debdiff |
|
2015-04-03 21:25:23 |
Thomas Ward |
bug |
|
|
added subscriber Ubuntu Security Sponsors Team |
2015-04-05 17:34:54 |
Saroth Thissa |
bug |
|
|
added subscriber Saroth Thissa (சரத்) |
2015-04-05 17:34:57 |
Saroth Thissa |
removed subscriber Saroth Thissa (சரத்) |
|
|
|
2015-04-05 17:35:03 |
Saroth Thissa |
bug |
|
|
added subscriber Saroth Thissa (சரத்) |
2015-04-05 17:35:05 |
Saroth Thissa |
removed subscriber Saroth Thissa (சரத்) |
|
|
|
2015-04-06 19:02:14 |
Steve Beattie |
wireshark (Ubuntu Utopic): status |
Confirmed |
In Progress |
|
2015-04-06 19:02:16 |
Steve Beattie |
wireshark (Ubuntu Utopic): assignee |
|
Steve Beattie (sbeattie) |
|
2015-04-07 05:33:24 |
Launchpad Janitor |
wireshark (Ubuntu Utopic): status |
In Progress |
Fix Released |
|
2015-04-07 17:30:36 |
Steve Beattie |
removed subscriber Ubuntu Security Sponsors Team |
|
|
|