[3.8] wireshark: Multiple vulnerabilities (CVE-2018-16056, CVE-2018-16057, CVE-2018-16058)
CVE-2018-16056: Bluetooth Attribute Protocol dissector crash
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
References:
https://www.wireshark.org/security/wnpa-sec-2018-45.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14994
CVE-2018-16057: Radiotap dissector crash
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
References:
https://www.wireshark.org/security/wnpa-sec-2018-46.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=15022
CVE-2018-16058: Bluetooth AVDTP dissector crash
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
References:
https://www.wireshark.org/security/wnpa-sec-2018-44.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14884
(from redmine: issue id 9406, created on 2018-09-10, closed on 2018-09-11)
- Relations:
- parent #9404 (closed)
- Changesets:
- Revision f12f5f95 by Natanael Copa on 2018-09-10T17:34:38Z:
community/wireshark: security upgrade to 2.4.9
CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
fixes #9406- Revision c0c7198c by Natanael Copa on 2019-02-06T13:35:45Z:
community/wireshark: security upgrade to 2.4.9
CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
fixes #9406
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information