UBUNTU-CVE-2017-6014

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2017-6014

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-6014.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-6014

Related

CVE-2017-6014

Published

2017-02-17T07:59:00Z

Modified

2017-02-17T07:59:00Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.

References

Affected packages

Ubuntu:14.04:LTS / wireshark

Package

Name: wireshark
Purl: pkg:deb/ubuntu/wireshark@1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1

Affected versions

1.*

1.10.2-1

1.10.3-1

1.10.5-1ubuntu1

1.10.5-2

1.10.6-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libwiretap-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwsutil-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-dbg": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-doc": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwsutil4": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwireshark5-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwiretap-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwsutil-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "tshark": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwireshark-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "tshark-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-common-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-qt": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwireshark-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-common": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwsutil4-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwiretap4-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwireshark-data": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwireshark5": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "libwiretap4": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1",
            "wireshark-qt-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1"
        }
    ]
}

Ubuntu:16.04:LTS / wireshark

Package

Name: wireshark
Purl: pkg:deb/ubuntu/wireshark@2.2.6+g32dac6a-2ubuntu0.16.04?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6+g32dac6a-2ubuntu0.16.04

Affected versions

1.*

1.12.7+g7fc8978-1

1.12.8+g5b6e543-2

2.*

2.0.1+g59ea380-3build1

2.0.2+ga16e22e-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libwscodecs1-dbgsym": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark-dev": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwireshark8-dbgsym": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark-doc": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "tshark": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwscodecs1": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwiretap-dev": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwsutil-dev": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "tshark-dbgsym": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwireshark-dev": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwsutil7": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwsutil7-dbgsym": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark-qt": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwiretap6-dbgsym": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark-common": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark-common-dbgsym": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark-gtk-dbgsym": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwireshark-data": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwiretap6": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark-gtk": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "wireshark-qt-dbgsym": "2.2.6+g32dac6a-2ubuntu0.16.04",
            "libwireshark8": "2.2.6+g32dac6a-2ubuntu0.16.04"
        }
    ]
}