Bug 706728 - VUL-1: wireshark: new updates fix two DoS issues
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: General
Priority: P3 - Medium; Severity: Minor
Assigned To: Security Team bot
. maint:released:11.3:43640 maint:rel...
Reported: 2011-07-19 13:32 UTC by Sebastian Krahmer
Modified: 2011-11-21 11:13 UTC
Description Sebastian Krahmer 2011-07-19 13:32:13 UTC
As this seems to be some GSM/UMTS dissector issue, it's probably
enough to be handled as VUL-1:


Via OSS-sec:

Date: Tue, 19 Jul 2011 14:41:12 +0200
From: Jan Lieskovsky


Hello Josh, Steve, vendors,

  an infinite loop was found in the way the ANSI A Interface (IS-634/IOS)
dissector of the Wireshark network traffic analyzer processed certain
ANSI A MAP capture files. If Wireshark read a malformed packet off a
network or opened a malicious packet capture file, it could lead to
denial of service (Wireshark hang).

Upstream bug:
[1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6044

Public PoC:
[2] http://www.wireshark.org/download/automated/captures/fuzz-2011-06-20-22762.pcap

Relevant upstream patch:
[3] http://anonsvn.wireshark.org/viewvc?view=revision&revision=37930

References:
[4] http://www.wireshark.org/security/
[5] http://www.wireshark.org/security/wnpa-sec-2011-11.html
[6] http://www.wireshark.org/security/wnpa-sec-2011-10.html
[7] https://bugzilla.redhat.com/show_bug.cgi?id=723215

Could you allocate a CVE id for this?

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Comment 1 Sebastian Krahmer 2011-07-20 07:22:21 UTC
CVE-2011-2698
Comment 2 Sebastian Krahmer 2011-07-20 14:29:29 UTC
Seems like there was another CVE fixed along (CVE-2011-2597)
with the new wireshark releases:

http://www.wireshark.org/lists/wireshark-announce/201107/msg00001.html
Comment 3 Chunyan Liu 2011-08-19 06:07:46 UTC
Fixed package submitted to ibs (SLES-11sp1,10sp3,10sp4) and obs (opensuse-11.3,11.4,Factory)
Comment 4 Swamp Workflow Management 2011-10-17 09:35:28 UTC
Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 5 Swamp Workflow Management 2011-10-17 13:28:31 UTC
Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)
Comment 6 Swamp Workflow Management 2011-10-17 15:59:56 UTC
Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)
Comment 7 Swamp Workflow Management 2011-10-17 17:04:08 UTC
Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-SAP-APL 10-SP3 (x86_64)
SLE-SDK 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3-TERADATA (x86_64)
Comment 8 Swamp Workflow Management 2011-11-15 11:15:33 UTC
The SWAMPID for this issue is 44170.
This issue was rated as important.
Please submit fixed packages until 2011-11-22.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 9 Swamp Workflow Management 2011-11-18 12:26:42 UTC
Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 10 Swamp Workflow Management 2011-11-18 15:13:30 UTC
Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)
Comment 11 Swamp Workflow Management 2011-11-18 15:38:47 UTC
Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)
Comment 12 Swamp Workflow Management 2011-11-20 17:59:24 UTC
Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)
Comment 13 Matthias Weckbecker 2011-11-21 11:13:28 UTC
released