Ubuntu update for wireshark
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2020-13164 CVE-2020-15466 CVE-2020-17498 CVE-2020-25862 CVE-2020-25863 |
| CWE-ID | CWE-400 CWE-835 CWE-415 CWE-20 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software Subscribe |
Ubuntu Operating systems & Components / Operating system libwireshark11 (Ubuntu package) Operating systems & Components / Operating system package or component libwireshark13 (Ubuntu package) Operating systems & Components / Operating system package or component wireshark-gtk (Ubuntu package) Operating systems & Components / Operating system package or component wireshark-common (Ubuntu package) Operating systems & Components / Operating system package or component wireshark-qt (Ubuntu package) Operating systems & Components / Operating system package or component wireshark (Ubuntu package) Operating systems & Components / Operating system package or component tshark (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Resource exhaustion
EUVDB-ID: #VU28181
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-13164
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in NFS dissector. A remote attacker can inject a malformed packet onto the wire or trick a victim to read a malformed packet trace file and perform a denial of service (DoS) attack.
MitigationUpdate the affected package wireshark to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 20.04
libwireshark11 (Ubuntu package): before Ubuntu Pro
libwireshark13 (Ubuntu package): before Ubuntu Pro
wireshark-gtk (Ubuntu package): before Ubuntu Pro
wireshark-common (Ubuntu package): before Ubuntu Pro
wireshark-qt (Ubuntu package): before Ubuntu Pro
wireshark (Ubuntu package): before Ubuntu Pro
tshark (Ubuntu package): before Ubuntu Pro
External linkshttp://ubuntu.com/security/notices/USN-6262-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Infinite loop
EUVDB-ID: #VU29492
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2020-15466
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the GVCP dissector. A remote attacker can pass specially crafted packet trace file to the application, consume all available system resources and cause denial of service conditions.
MitigationUpdate the affected package wireshark to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 20.04
libwireshark11 (Ubuntu package): before Ubuntu Pro
libwireshark13 (Ubuntu package): before Ubuntu Pro
wireshark-gtk (Ubuntu package): before Ubuntu Pro
wireshark-common (Ubuntu package): before Ubuntu Pro
wireshark-qt (Ubuntu package): before Ubuntu Pro
wireshark (Ubuntu package): before Ubuntu Pro
tshark (Ubuntu package): before Ubuntu Pro
External linkshttp://ubuntu.com/security/notices/USN-6262-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Double Free
EUVDB-ID: #VU45824
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-17498
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in Kafka dissector. A remote attacker can pass specially crafted data to the application, trigger double free error and crash the application.
Update the affected package wireshark to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 20.04
libwireshark11 (Ubuntu package): before Ubuntu Pro
libwireshark13 (Ubuntu package): before Ubuntu Pro
wireshark-gtk (Ubuntu package): before Ubuntu Pro
wireshark-common (Ubuntu package): before Ubuntu Pro
wireshark-qt (Ubuntu package): before Ubuntu Pro
wireshark (Ubuntu package): before Ubuntu Pro
tshark (Ubuntu package): before Ubuntu Pro
External linkshttp://ubuntu.com/security/notices/USN-6262-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU47001
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-25862
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the TCP dissector in Wireshark. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package wireshark to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 20.04
libwireshark11 (Ubuntu package): before Ubuntu Pro
libwireshark13 (Ubuntu package): before Ubuntu Pro
wireshark-gtk (Ubuntu package): before Ubuntu Pro
wireshark-common (Ubuntu package): before Ubuntu Pro
wireshark-qt (Ubuntu package): before Ubuntu Pro
wireshark (Ubuntu package): before Ubuntu Pro
tshark (Ubuntu package): before Ubuntu Pro
External linkshttp://ubuntu.com/security/notices/USN-6262-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU47000
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-25863
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the MIME Multipart dissector in Wireshark. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package wireshark to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 20.04
libwireshark11 (Ubuntu package): before Ubuntu Pro
libwireshark13 (Ubuntu package): before Ubuntu Pro
wireshark-gtk (Ubuntu package): before Ubuntu Pro
wireshark-common (Ubuntu package): before Ubuntu Pro
wireshark-qt (Ubuntu package): before Ubuntu Pro
wireshark (Ubuntu package): before Ubuntu Pro
tshark (Ubuntu package): before Ubuntu Pro
External linkshttp://ubuntu.com/security/notices/USN-6262-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
