SB2021123001 - Multiple vulnerabilities in Wireshark
Published: December 30, 2021 Updated: October 16, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 7 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2021-4186)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in Gryphon dissector. A remote attacker can pass specially crafted traffic through the network and perform a denial of service (DoS) attack.
2) Infinite loop (CVE-ID: CVE-2021-4185)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in RTMPT dissector. A remote attacker can send specially crafted traffic over the network, consume all available system resources and cause denial of service conditions.
3) Infinite loop (CVE-ID: CVE-2021-4184)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in BitTorrent DHT dissector. A remote attacker can send specially crafted traffic over the network, consume all available system resources and cause denial of service conditions.
4) Input validation error (CVE-ID: CVE-2021-4183)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in pcapng file parser. A remote attacker can trick the victim to open a malformed packet trace file and perform a denial of service (DoS) attack.
5) Infinite loop (CVE-ID: CVE-2021-4182)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in RFC 7468 file parser. A remote attacker can trick the victim to open a specially crafted packet trace file and consume excessive CPU resources.
6) Input validation error (CVE-ID: CVE-2021-4181)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the Sysdig Event dissector. A remote attacker can send specially crafted traffic over the network and perform a denial of service (DoS) attack.
7) Infinite loop (CVE-ID: CVE-2021-4190)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in Kafka protocol dissector. A remote attacker can send specially crafted traffic over the network, consume all available system resources and cause denial of service conditions.
Remediation
Install update from vendor's website.
References
- https://www.wireshark.org/security/wnpa-sec-2021-16.html
- https://www.wireshark.org/security/wnpa-sec-2021-17.html
- https://www.wireshark.org/security/wnpa-sec-2021-18.html
- https://www.wireshark.org/security/wnpa-sec-2021-19.html
- https://www.wireshark.org/security/wnpa-sec-2021-20.html
- https://www.wireshark.org/security/wnpa-sec-2021-21.html
- https://www.wireshark.org/security/wnpa-sec-2021-22.html