Wireshark 'dissectors/asn1/ros/packet-ros-template.c' Denial of Service Vulnerability



Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets.

Attackers can exploit this issue to crash the affected application, resulting in denial-of-service conditions.

Wireshark 2.2.0 through 2.2.12 are vulnerable; other versions may also be affected.

Information

Bugtraq ID: 98800
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-9347

Remote: Yes
Local: No
Published: Jun 01 2017 12:00AM
Updated: Jun 01 2017 12:00AM
Credit: OSS-Fuzz project.
Vulnerable: Wireshark Wireshark 2.2.12
Wireshark Wireshark 2.2.6
Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0


Not Vulnerable: Wireshark Wireshark 2.2.7


Exploit


A sample packet trace file is available in the Wireshark bug report. Please see the references for more information.

