Bug 1086033 (CVE-2014-4174) - CVE-2014-4174 libpcap: file parser crash (wnpa-sec-2014-05)
Summary: CVE-2014-4174 libpcap: file parser crash (wnpa-sec-2014-05)
Alias: CVE-2014-4174
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On:
Blocks: 1086034
TreeView+ depends on / blocked
Reported: 2014-04-10 00:36 UTC by Vincent Danen
Modified: 2021-02-17 06:42 UTC (History)
5 users (show)

Fixed In Version: wireshark 1.10.4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2015-02-05 16:24:16 UTC

Attachments (Terms of Use)

Description Vincent Danen 2014-04-10 00:36:46 UTC
It was reported that the libpcap file parser could crash.  It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

This is reported to affect Wireshark versions 1.10.0 to 1.10.3 and is fixed in 1.10.4.  According to the upstream bug report, it was only ever reproduced in Windows, however the upstream advisory does not indicate that it is Windows-only.


External References:


Comment 1 Vincent Danen 2014-06-18 20:13:33 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-4174 to
the following vulnerability:

Name: CVE-2014-4174
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4174
Assigned: 20140617
Reference: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808
Reference: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9390
Reference: http://anonsvn.wireshark.org/viewvc/trunk-1.10/wiretap/libpcap.c?r1=53123&r2=53122&pathrev=53123
Reference: http://anonsvn.wireshark.org/viewvc?view=revision&revision=53123
Reference: http://www.wireshark.org/security/wnpa-sec-2014-05.html
Reference: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9753

wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x
before 1.10.4 allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption and application crash)
via a crafted packet-trace file that includes a large packet.

Comment 2 Vincent Danen 2015-02-05 16:22:49 UTC

Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Note You need to log in before you can comment on or make changes to this bug.