ID CVE-2018-11358
Summary In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.
References
Vulnerable Configurations
  • Wireshark 2.2.0
    cpe:2.3:a:wireshark:wireshark:2.2.0
  • Wireshark 2.2.1
    cpe:2.3:a:wireshark:wireshark:2.2.1
  • Wireshark 2.2.2
    cpe:2.3:a:wireshark:wireshark:2.2.2
  • Wireshark 2.2.3
    cpe:2.3:a:wireshark:wireshark:2.2.3
  • Wireshark 2.2.4
    cpe:2.3:a:wireshark:wireshark:2.2.4
  • Wireshark 2.2.5
    cpe:2.3:a:wireshark:wireshark:2.2.5
  • Wireshark 2.2.6
    cpe:2.3:a:wireshark:wireshark:2.2.6
  • Wireshark 2.2.7
    cpe:2.3:a:wireshark:wireshark:2.2.7
  • Wireshark 2.2.8
    cpe:2.3:a:wireshark:wireshark:2.2.8
  • Wireshark 2.2.9
    cpe:2.3:a:wireshark:wireshark:2.2.9
  • Wireshark 2.2.10
    cpe:2.3:a:wireshark:wireshark:2.2.10
  • Wireshark 2.2.11
    cpe:2.3:a:wireshark:wireshark:2.2.11
  • Wireshark 2.2.12
    cpe:2.3:a:wireshark:wireshark:2.2.12
  • Wireshark 2.2.13
    cpe:2.3:a:wireshark:wireshark:2.2.13
  • Wireshark 2.2.14
    cpe:2.3:a:wireshark:wireshark:2.2.14
  • Wireshark 2.4.0
    cpe:2.3:a:wireshark:wireshark:2.4.0
  • Wireshark 2.4.1
    cpe:2.3:a:wireshark:wireshark:2.4.1
  • Wireshark 2.4.2
    cpe:2.3:a:wireshark:wireshark:2.4.2
  • Wireshark 2.4.3
    cpe:2.3:a:wireshark:wireshark:2.4.3
  • Wireshark 2.4.4
    cpe:2.3:a:wireshark:wireshark:2.4.4
  • Wireshark 2.4.5
    cpe:2.3:a:wireshark:wireshark:2.4.5
  • Wireshark 2.4.6
    cpe:2.3:a:wireshark:wireshark:2.4.6
  • Wireshark 2.6.0
    cpe:2.3:a:wireshark:wireshark:2.6.0
  • Debian Linux 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-416
CAPEC
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4217.NASL
    description It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 110318
    published 2018-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110318
    title Debian DSA-4217-1 : wireshark - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-3DFEE621AF.NASL
    description New version 2.6.1, contains fixes for multiple CVEs. ---- Fixed undefined reference in tshark, corrected build flags usage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120367
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120367
    title Fedora 28 : 1:wireshark (2018-3dfee621af)
  • NASL family Windows
    NASL id WIRESHARK_2_6_1.NASL
    description The version of Wireshark installed on the remote Windows host is 2.2.x prior to 2.2.15, 2.4.x prior to 2.4.6, or 2.6.x prior to 2.6.1. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 110269
    published 2018-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110269
    title Wireshark 2.2.x < 2.2.15 / 2.4.x < 2.4.7 / 2.6.x < 2.6.1 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_WIRESHARK_2_6_1.NASL
    description The version of Wireshark installed on the remote MacOS/MacOSX host is 2.2.x prior to 2.2.15, 2.4.x prior to 2.4.7, or 2.6.x prior to 2.6.1. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 110268
    published 2018-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110268
    title Wireshark 2.2.x < 2.2.15 / 2.4.x < 2.4.7 / 2.6.x < 2.6.1 Multiple Vulnerabilities (MacOS)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-1988-1.NASL
    description This update for wireshark fixes vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (bsc#1094301). This includes : - CVE-2018-11356: DNS dissector crash - CVE-2018-11357: Multiple dissectors could consume excessive memory - CVE-2018-11358: Q.931 dissector crash - CVE-2018-11359: The RRC dissector and other dissectors could crash - CVE-2018-11360: GSM A DTAP dissector crash - CVE-2018-11362: LDSS dissector crash Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 120052
    published 2019-01-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120052
    title SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:1988-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-D1CFA444D2.NASL
    description New version 2.6.1, contains fixes for multiple CVEs. ---- Fixed undefined reference in tshark, corrected build flags usage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-04
    plugin id 110328
    published 2018-06-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110328
    title Fedora 27 : 1:wireshark (2018-d1cfa444d2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-2412-1.NASL
    description This update for wireshark fixes the following issues: Security issues fixed : - bsc#1094301: Wireshark security update to 2.6.1, 2.4.7, 2.2.15 - CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810) - CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776) - CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786) - CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788) - CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804) - CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777) - CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802) - CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800) - CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791) - CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794) - CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301). - CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301). - CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301). - CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301). - CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301). - CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301). - CVE-2018-11356: Fix DNS dissector crash (bsc#1094301). - CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301). - CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 112015
    published 2018-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112015
    title SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:2412-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1388.NASL
    description Several issues that could result in a crash within different dissectors have been fixed. Other issues are related to memory leaks or heap-based buffer overflows. All issue could be caused by special crafted and malformed packets. For Debian 7 'Wheezy', these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u6~deb7u11. We recommend that you upgrade your wireshark packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-31
    plugin id 110164
    published 2018-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110164
    title Debian DLA-1388-1 : wireshark security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-2891-1.NASL
    description This update for wireshark to version 2.4.9 fixes the following issues : Wireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514). Security issues fixed : CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44) CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45) CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46) CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301). CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802) CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794) CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301). CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301). CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301). CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777) CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786) CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804) CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776) CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301). CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788) CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301). CVE-2018-11356: Fix DNS dissector crash (bsc#1094301). CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810) CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301). CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791) CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301). CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800) Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 117821
    published 2018-09-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117821
    title SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:2891-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-2891-2.NASL
    description This update for wireshark to version 2.4.9 fixes the following issues : Wireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514). Security issues fixed : CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44) CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45) CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46) CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301). CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802) CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794) CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301). CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301). CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301). CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777) CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786) CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804) CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776) CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301). CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788) CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301). CVE-2018-11356: Fix DNS dissector crash (bsc#1094301). CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810) CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301). CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791) CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301). CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800) Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 118294
    published 2018-10-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118294
    title SUSE SLES12 Security Update : wireshark (SUSE-SU-2018:2891-2)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-520.NASL
    description This update for wireshark fixes the following issues : Minor vulnerabilities that could be used to trigger dissector crashes or cause excessive memory use by making Wireshark read specially crafted packages from the network or capture files (boo#1094301) : - CVE-2018-11356: DNS dissector crash - CVE-2018-11357: Multiple dissectors could consume excessive memory - CVE-2018-11358: Q.931 dissector crash - CVE-2018-11359: The RRC dissector and other dissectors could crash - CVE-2018-11360: GSM A DTAP dissector crash - CVE-2018-11362: LDSS dissector crash This update to version 2.4.7 also contains bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.7.html
    last seen 2019-02-21
    modified 2018-09-04
    plugin id 110177
    published 2018-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110177
    title openSUSE Security Update : wireshark (openSUSE-2018-520)
refmap via4
bid 104308
confirm
debian DSA-4217
mlist [debian-lts-announce] 20180528 [SECURITY] [DLA 1388-1] wireshark security update
sectrack 1041036
Last major update 22-05-2018 - 17:29
Published 22-05-2018 - 17:29
Last modified 14-03-2019 - 12:16
Back to Top