SB2022021016 - Multiple vulnerabilities in Wireshark
Published: February 10, 2022 Updated: October 16, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) Infinite loop (CVE-ID: CVE-2022-0586)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in RTMPT dissector. A remote attacker can send specially crafted packets over the network, consume all available system resources and cause denial of service conditions.
2) Infinite loop (CVE-ID: CVE-2022-0585)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to large loops in multiple dissectors including AMP, ATN-ULCS and possibly other ASN.1 PER dissectors, BP, GDSDB, OpenFlow v5, P_MUL, SoulSeek, TDS, WBXML, WSP and possibly other WAP dissectors, and ZigBee ZCL. A remote attacker can send specially crafted packets over the network, consume all available system resources and cause denial of service conditions.
3) Input validation error (CVE-ID: CVE-2022-0583)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in PVFS dissector. A remote attacker can send specially crafted packets over the network and perform a denial of service (DoS) attack.
4) Input validation error (CVE-ID: CVE-2022-0582)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CSN.1 dissector. A remote attacker can send specially crafted packets over the network and perform a denial of service (DoS) attack.
5) Input validation error (CVE-ID: CVE-2022-0581)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CMS dissector. A remote attacker can send specially crafted packets over the network and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://www.wireshark.org/security/wnpa-sec-2022-01.html
- https://gitlab.com/wireshark/wireshark/-/issues/17813
- https://www.wireshark.org/security/wnpa-sec-2022-02.html
- https://gitlab.com/wireshark/wireshark/-/issues/17829
- https://gitlab.com/wireshark/wireshark/-/issues/17842
- https://gitlab.com/wireshark/wireshark/-/issues/17847
- https://gitlab.com/wireshark/wireshark/-/issues/17855
- https://gitlab.com/wireshark/wireshark/-/issues/17891
- https://gitlab.com/wireshark/wireshark/-/issues/17925
- https://gitlab.com/wireshark/wireshark/-/issues/17926
- https://gitlab.com/wireshark/wireshark/-/issues/17931
- https://gitlab.com/wireshark/wireshark/-/issues/17932
- https://gitlab.com/wireshark/wireshark/-/issues/17933
- https://www.wireshark.org/security/wnpa-sec-2022-03.html
- https://gitlab.com/wireshark/wireshark/-/issues/17840
- https://www.wireshark.org/security/wnpa-sec-2022-04.html
- https://gitlab.com/wireshark/wireshark/-/issues/17882
- https://www.wireshark.org/security/wnpa-sec-2022-05.html
- https://gitlab.com/wireshark/wireshark/-/issues/17935