CVE-2023-2906 – Wireshark CP2179 divide by zero
https://notcve.org/view.php?id=CVE-2023-2906
Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack. Debido a un error al validar la longitud proporcionada por un paquete CP2179 creado por un atacante, las versiones de Wireshark 2.0.0 a 4.0.7 son susceptibles a una división por cero, lo que permite un ataque de denegación de servicio. • https://gitlab.com/wireshark/wireshark/-/issues/19229 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HCUPLDY7HLPO46PHMGIJSUBJFTT237C https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4AVRUYSHDNEAJILVSGY5W6MPOMG2YRF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRKHFQPWFU7F3OXTL6IEIQSJG6FVXZTZ https://takeonme.org/cves/CVE-2023-2906.html • CWE-369: Divide By Zero •
CVE-2022-4344
https://notcve.org/view.php?id=CVE-2022-4344
Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file El agotamiento de la memoria en el disector del protocolo Kafka en Wireshark 4.0.0 a 4.0.1 y 3.6.0 a 3.6.9 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4344.json https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDZMWIKH3L5JQZC6GSVOJ3N5UXNQPJGQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGWIW6K64PKC375YAONYXKIVT2FDEDV3 https://www.wireshark.org/security/wnpa-sec-2022-10.html • CWE-400: Uncontrolled Resource Consumption •
CVE-2020-26575
https://notcve.org/view.php?id=CVE-2020-26575
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. En Wireshark versiones hasta 3.2.7, el Facebook Zero Protocol (también se conoce como FBZERO), podría entrar en un bucle infinito. Esto fue abordado en el archivo epan/dissectors/packet-fbzero.c corrigiendo la implementación del avance de compensación • https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab https://gitlab.com/wireshark/wireshark/-/issues/16887 https://gitlab.com/wireshark/wireshark/-/merge_requests/467 https://gitlab.com/wireshark/wireshark/-/merge_requests/471 https://gitlab.com/wireshark/wireshark/-/merge_requests/472 https://gitlab.com/wireshark/wireshark/-/merge_requests/473 https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html https://lists.fedoraproject.org/archives • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2020-25863
https://notcve.org/view.php?id=CVE-2020-25863
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts. En Wireshark versiones 3.2.0 hasta 3.2.6, versiones 3.0.0 hasta 3.0.13 y versiones 2.6.0 hasta 2.6.20, el disector MIME Multipart podría bloquearse. Esto fue abordado en el archivo epan/disactors/packet-multipart.c corrigiendo la desasignación de partes MIME no válidas • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html https://gitlab.com/wireshark/wireshark/-/commit/5803c7b87b3414cdb8bf502af50bb406ca774482 https://gitlab.com/wireshark/wireshark/-/issues/16741 https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW https://lists.fedoraproject.org/archives •
CVE-2020-25866
https://notcve.org/view.php?id=CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs. En Wireshark versiones 3.2.0 hasta 3.2.6 y versiones 3.0.0 hasta 3.0.13, el disector del protocolo BLIP presenta una desreferencia del puntero NULL porque un búfer fue dimensionado para mensajes comprimidos (no sin comprimir). Esto fue abordado en el archivo epan/disactors/packet-blip.c permitiendo relaciones de compresión razonables y rechazando las bombas ZIP • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f https://gitlab.com/wireshark/wireshark/-/issues/16866 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D • CWE-476: NULL Pointer Dereference •