Wireshark is prone to multiple denial-of-service vulnerabilities.
An attacker can exploit these issues by injecting a malformed packet onto the wire or by convincing someone to read a malformed 'pcap' file.
Attackers can exploit these issues to crash the affected application or to consume excess memory, denying service to legitimate users.
Wireshark 2.6.0 through 2.6.2, 2.4.0 through 2.4.8, and 2.2.0 through 2.2.16 are vulnerable.
Information
CVE-2018-16056
CVE-2018-16057
Wireshark Wireshark 2.6.1
Wireshark Wireshark 2.6
Wireshark Wireshark 2.4.8
Wireshark Wireshark 2.4.7
Wireshark Wireshark 2.4.6
Wireshark Wireshark 2.4.5
Wireshark Wireshark 2.4.4
Wireshark Wireshark 2.4.3
Wireshark Wireshark 2.4.1
Wireshark Wireshark 2.4
Wireshark Wireshark 2.2.16
Wireshark Wireshark 2.2.15
Wireshark Wireshark 2.2.14
Wireshark Wireshark 2.2.13
Wireshark Wireshark 2.2.12
Wireshark Wireshark 2.2.11
Wireshark Wireshark 2.2.10
Wireshark Wireshark 2.2.9
Wireshark Wireshark 2.2.8
Wireshark Wireshark 2.2.7
Wireshark Wireshark 2.2.6
Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2
Wireshark Wireshark 2.4.2
Wireshark Wireshark 2.4.9
Wireshark Wireshark 2.2.17
Exploit
Sample packet trace files are available in the Wireshark bug reports. Please see the references for more information.
References:
- Bug 14884 - Buildbot crash output: fuzz-2018-06-16-17919.pcap (Wireshark)
- Bug 15022 - Buildbot crash output: fuzz-2018-08-02-32514.pcap (Wireshark)
- Wireshark Homepage (Wireshark)
- wnpa-sec-2018-45 · Bluetooth Attribute Protocol dissector crash (Wireshark)
- Bug 14994 - Buildbot crash output: fuzz-2018-07-19-10297.pcap (Wireshark)
- wnpa-sec-2018-44 · Bluetooth AVDTP dissector crash (Wireshark)
- wnpa-sec-2018-46 · Radiotap dissector crash (Wireshark)