Wireshark 'epan/dissectors/packet-ipv6.c' Denial of Service Vulnerability



Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets.

Attackers can exploit this issue to crash the affected application, resulting in denial-of-service conditions.

Wireshark 2.2.0 through 2.2.6 are vulnerable.

Information

Bugtraq ID: 98805
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-9353

Remote: Yes
Local: No
Published: Jun 05 2017 12:00AM
Updated: Jun 05 2017 12:00AM
Credit: OSS-Fuzz project.
Vulnerable: Wireshark Wireshark 2.2.6
Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0


Not Vulnerable: Wireshark Wireshark 2.2.7


Exploit


A sample packet trace file is available in the Wireshark bug report. Please see the references for more information.

