Memory leak in wireshark (Alpine package)



Published: 2018-04-30
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-9267
CWE-ID CWE-401
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		wireshark (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Memory leak

EUVDB-ID: #VU12723

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-9267

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in epan/dissectors/packet-lapd.c due to memory leak. A remote attacker can trick the victim into opening a specially crafted packet trace file and cause the TN3270, ISUP, LAPD, SMB2, GIOP, ASN.1, MIME multipart, H.223, and PCP dissectors to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

wireshark (Alpine package): 2.2.3-r0 - 2.4.5-r0

wireshark (Alpine package):

CPE2.3 External links

http://git.alpinelinux.org/aports/commit/?id=3296b080a93bebe2fa5a42ed0bda9351f68b3f30
http://git.alpinelinux.org/aports/commit/?id=82f356f8c4189cfb0802954a2e20f09baf6a49a0
http://git.alpinelinux.org/aports/commit/?id=ec81538d245e98a04f14f8f9c4dc6cad899c18d3


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###