wireshark: Multiple vulnerabilities (CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227)
CVE-2018-12086: OpcUa dissector crash
Affected versions: 2.6.0 to 2.6.3, 2.4.0 to 2.4.9
Fixed versions: 2.6.4, 2.4.10
References:
https://www.wireshark.org/security/wnpa-sec-2018-50.html
CVE-2018-18225: CoAP dissector crash
Affected versions: 2.6.0 to 2.6.3
Fixed versions: 2.6.4
References:
https://www.wireshark.org/security/wnpa-sec-2018-49.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=15172
CVE-2018-18226: Steam IHS Discovery dissector memory leak
Affected versions: 2.6.0 to 2.6.3
Fixed versions: 2.6.4
References:
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=15171
https://www.wireshark.org/security/wnpa-sec-2018-48.html
CVE-2018-18227: MS-WSP dissector crash
Affected versions: 2.6.0 to 2.6.3, 2.4.0 to 2.4.9
Fixed versions: 2.6.4, 2.4.10
References:
https://www.wireshark.org/security/wnpa-sec-2018-47.html
https://www.wireshark.org/security/wnpa-sec-2018-48.html
(from redmine: issue id 9601, created on 2018-10-29, closed on 2018-10-30)
- Relations:
- child #9602 (closed)
- child #9603 (closed)
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information