Bug 12028 - wireshark new security issues fixed in 1.8.12 and 1.10.4
: wireshark new security issues fixed in 1.8.12 and 1.10.4
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
: 3
: i586 Linux
: Normal Severity: normal
: ---
Assigned To: QA Team
: Sec team
: http://lwn.net/Vulnerabilities/577886/
: has_procedure advisory mga3-64-ok mga...
: validated_update
:
:
  Show dependency treegraph
 
Reported: 2013-12-18 00:00 CET by David Walser
Modified: 2014-01-07 22:25 CET (History)
2 users (show)

See Also:
Source RPM: wireshark-1.10.3-1.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2013-12-18 00:00:07 CET
Upstream has released new versions today (December 17), fixing security issues:
http://www.wireshark.org/news/20131217.html

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2013-12-18 16:10:19 CET
Updated packages uploaded for Mageia 3 and Cauldron.

Advisory:
========================

Updated wireshark packages fix security vulnerabilities:

The SIP dissector could go into an infinite loop (CVE-2013-7112).

The NTLMSSP v2 dissector could crash (CVE-2013-7114).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7114
https://www.wireshark.org/security/wnpa-sec-2013-66.html
https://www.wireshark.org/security/wnpa-sec-2013-68.html
http://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html
http://www.wireshark.org/news/20131217.html
========================

Updated packages in core/updates_testing:
========================
wireshark-1.8.12-1.mga3
libwireshark2-1.8.12-1.mga3
libwireshark-devel-1.8.12-1.mga3
wireshark-tools-1.8.12-1.mga3
tshark-1.8.12-1.mga3
rawshark-1.8.12-1.mga3
dumpcap-1.8.12-1.mga3

from wireshark-1.8.12-1.mga3.src.rpm
Comment 2 claire robinson 2013-12-19 16:59:52 CET
Testing complete mga3 64

PoC for cve-2013-7112 attached to https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9388

Opening it in wireshark results in rapid exhaustion of memory and maxed cpu.

With the update installed it opens instantly with no ill effects.

Performed a capture on eth0.
Comment 3 claire robinson 2013-12-19 17:06:25 CET
Testing complete mga3 32
Comment 4 claire robinson 2013-12-19 17:12:01 CET
Validating. Advisory uploaded.

Could sysadmin please push from 3 core/updates_testing to updates.

Thanks!
Comment 5 Thomas Backlund 2013-12-19 22:13:07 CET
Update pushed:
http://advisories.mageia.org/MGASA-2013-0380.html
Comment 6 David Walser 2014-01-07 22:25:21 CET
LWN reference for CVE-2013-7112:
http://lwn.net/Vulnerabilities/579354/

Note You need to log in before you can comment on or make changes to this bug.