Bug 2256654 (CVE-2024-0210)

Summary:	CVE-2024-0210 wireshark: Zigbee TLV dissector crash via packet injection or crafted capture file
Product:	[Other] Security Response	Reporter:	Mauro Matteo Cascella <mcascell>
Component:	vulnerability	Assignee:	Product Security <prodsec-ir-bot>
Status:	CLOSED RAWHIDE	QA Contact:
Severity:	medium	Docs Contact:
Priority:	medium
Version:	unspecified	CC:	mruprich
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:	wireshark 4.2.1	Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the TLV dissector of Wireshark. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.	Story Points:	---
Clone Of:		Environment:
Last Closed:	2024-02-01 15:39:47 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	2256655
Bug Blocks:	2256664

Description Mauro Matteo Cascella 2024-01-03 16:55:29 UTC

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file.

References:
https://www.wireshark.org/security/wnpa-sec-2024-04.html
https://gitlab.com/wireshark/wireshark/-/issues/19504
https://nvd.nist.gov/vuln/detail/CVE-2024-0210

Comment 1 Mauro Matteo Cascella 2024-01-03 16:56:04 UTC

Created wireshark tracking bugs for this issue:

Affects: fedora-all [bug 2256655]

Comment 3 Michal Ruprich 2024-02-01 15:39:47 UTC

This is fixed in current Rawhide build. Older 4.0.x releases do not have the affected code.

https://koji.fedoraproject.org/koji/taskinfo?taskID=112740312