Bug 1655941 (CVE-2018-19628)
Summary: | CVE-2018-19628 wireshark: ZigBee ZCL dissector crash | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | denis, huzaifas, lemenkov, mruprich, msehnout, phatina, rvokal |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | wireshark 2.6.5 | Doc Type: | If docs needed, set a value |
Doc Text: |
A divide-by-zero vulnerability in ZigBee ZCL dissector allows Wireshark to crash when parsing a specially crafted pcap file. An attacker could cause a denial of service to Wireshark by injecting malicious packets into victim's WPAN network.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-07-12 13:06:21 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1655944, 1657190 | ||
Bug Blocks: | 1655949 |
Description
Andrej Nemec
2018-12-04 09:58:47 UTC
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1655944] ZigBee is a family of WPAN protocols, thus AV:A. Statement: This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 5, 6, and 7. This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-19628 |