SB2018083104 - Denial of service vulnerabilities in Wireshark

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Memory corruption (CVE-ID: CVE-2018-16057)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error in the ieee80211_radiotap_iterator_next() function, as defined in the epan/dissectors/packet-ieee80211-radiotap-iter.c source code file. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the Radiotap dissector component to crash.

2) Improper input validation (CVE-ID: CVE-2018-16056)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to the epan/dissectors/packet-btatt.c source code file of the affected software does not verify that a dissector for a specific universally unique identifier (UUID) exists. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the Bluetooth ATT dissector component to crash.

3) Improper input validation (CVE-ID: CVE-2018-16058)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to the epan/dissectors/packet-btavdtp.c source code file of the affected software improperly initializes a data structure. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the AVDTP dissector component to crash.

Remediation

Install update from vendor's website.

References

• https://www.wireshark.org/security/wnpa-sec-2018-46.html
• https://www.wireshark.org/security/wnpa-sec-2018-45.html
• https://www.wireshark.org/security/wnpa-sec-2018-44.html