{"id":"MGASA-2018-0151","summary":"Updated wireshark packages fix security vulnerabilities","details":"The SIGCOMP dissector could crash (CVE-2018-7320).\n\nMultiple dissectors could go into large infinite loops. All ASN.1 BER\ndissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA,\nRPKI-Router, S7COMM, SCCP, Thread, Thrift, USB, and WCCP dissectors were\nsusceptible (CVE-2018-7321,CVE-2018-7322, CVE-2018-7323, CVE-2018-7324,\nCVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328,\nCVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332,\nCVE-2018-7333).\n\nThe UMTS MAC dissector could crash (CVE-2018-7334).\n\nThe IEEE 802.11 dissector could crash (CVE-2018-7335)\n\nThe FCP dissector could crash (CVE-2018-7336).\n\nThe IPMI dissector could crash (CVE-2018-7417).\n\nThe SIGCOMP dissector could crash (CVE-2018-7418).\n\nThe NBAP disssector could crash (CVE-2018-7419).\n\nThe pcapng file parser could crash (CVE-2018-7420).\n\nThe LWAPP dissector could crash (CVE-2018-9256).\n\nThe MP4 dissector could crash (CVE-2018-9259).\n\nThe IEEE 802.15.4 dissector could crash (CVE-2018-9260).\n\nThe NBAP dissector could crash (CVE-2018-9261).\n\nThe VLAN dissector could crash (CVE-2018-9262).\n\nThe Kerberos dissector could crash (CVE-2018-9263).\n\nThe ADB dissector could crash (CVE-2018-9264).\n\nMemory leaks in multiple dissectors (CVE-2018-9265, CVE-2018-9266,\nCVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270,\nCVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274).\n","modified":"2026-02-04T02:49:19.581550Z","published":"2018-02-28T13:55:21Z","related":["CVE-2018-7320","CVE-2018-7321","CVE-2018-7322","CVE-2018-7323","CVE-2018-7324","CVE-2018-7325","CVE-2018-7326","CVE-2018-7327","CVE-2018-7328","CVE-2018-7329","CVE-2018-7330","CVE-2018-7331","CVE-2018-7332","CVE-2018-7333","CVE-2018-7334","CVE-2018-7335","CVE-2018-7336","CVE-2018-7417","CVE-2018-7418","CVE-2018-7419","CVE-2018-7420","CVE-2018-9256","CVE-2018-9259","CVE-2018-9260","CVE-2018-9261","CVE-2018-9262","CVE-2018-9263","CVE-2018-9264","CVE-2018-9265","CVE-2018-9266","CVE-2018-9267","CVE-2018-9268","CVE-2018-9269","CVE-2018-9270","CVE-2018-9271","CVE-2018-9272","CVE-2018-9273","CVE-2018-9274"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0151.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22643"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-05.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-06.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-07.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-09.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-10.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-11.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-12.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-13.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-14.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-15.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-16.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-17.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-18.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-19.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-20.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-23.html"},{"type":"REPORT","url":"https://www.wireshark.org/docs/relnotes/wireshark-2.2.13.html"},{"type":"REPORT","url":"https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html"},{"type":"REPORT","url":"https://www.wireshark.org/news/20180223.html"},{"type":"REPORT","url":"https://www.wireshark.org/news/20180403.html"},{"type":"REPORT","url":"https://lists.opensuse.org/opensuse-updates/2018-04/msg00015.html"}],"affected":[{"package":{"name":"wireshark","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/wireshark?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.14-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0151.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}