GitLab

CVE-2018-11356: DNS dissector crash

Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions: 2.6.1, 2.4.7, 2.2.15

References:

https://www.wireshark.org/security/wnpa-sec-2018-29.html

CVE-2018-11357: Multiple dissectors could consume excessive memory

Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions: 2.6.1, 2.4.7, 2.2.15

Reference:

https://www.wireshark.org/security/wnpa-sec-2018-28.html

CVE-2018-11358: Q.931 dissector crash

Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions: 2.6.1, 2.4.7, 2.2.15

Reference:

https://www.wireshark.org/security/wnpa-sec-2018-31.html

CVE-2018-11359: Multiple dissectors could crash

Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions: 2.6.1, 2.4.7, 2.2.15

References:

https://www.wireshark.org/security/wnpa-sec-2018-33.html

CVE-2018-11360: GSM A DTAP dissector crash

Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions: 2.6.1, 2.4.7, 2.2.15

Reference:

https://www.wireshark.org/security/wnpa-sec-2018-30.html

CVE-2018-11362: LDSS dissector crash

Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions: 2.6.1, 2.4.7, 2.2.15

Reference:

https://www.wireshark.org/security/wnpa-sec-2018-25.html

(from redmine: issue id 8931, created on 2018-05-24, closed on 2018-06-12)

• Relations:
  • copied_to #8930 (closed)
  • parent #8930 (closed)
• Changesets:
  • Revision 215ab32e on 2018-06-11T08:14:56Z:

community/wireshark: security upgrade to 2.4.7

CVE-2018-11356, CVE-2018-11357, CVE-2018-11358,
CVE-2018-11359, CVE-2018-11360, CVE-2018-11362

Fixes #8931