ALAS-2023-197

Amazon Linux 2023 Security Advisory: ALAS-2023-197
Advisory Release Date: 2023-06-05 16:39 Pacific
Advisory Updated Date: 2025-02-26 19:34 Pacific
Severity: Important
Issue Overview:

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version between 4.0.0 to 4.0.5, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running
Wireshark.
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-18.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19085 (CVE-2023-0666)

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. (CVE-2023-0667)

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. (CVE-2023-0668)

A vulnerability exists in wireshark version 4.0.0 to 4.0.5 which would allow a remote attacker to crash wireshark by either injecting a malformed packet onto the wire or by convincing a user to read a malformed packet trace file. (CVE-2023-2854)

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2855)

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2856)

A vulnerability was found in wireshark versions between 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13. The attacker would need the victim to open a maliciously crafted wireshark trace file, which would cause wireshark to crash. (CVE-2023-2857)

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2858)

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file (CVE-2023-2879)

XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file (CVE-2023-2952)


Affected Packages:

wireshark


Issue Correction:
Run dnf update wireshark --releasever 2023.0.20230607 to update your system.

New Packages:
aarch64:
    wireshark-cli-debuginfo-4.0.6-1.amzn2023.0.1.aarch64
    wireshark-cli-4.0.6-1.amzn2023.0.1.aarch64
    wireshark-devel-4.0.6-1.amzn2023.0.1.aarch64
    wireshark-debugsource-4.0.6-1.amzn2023.0.1.aarch64

src:
    wireshark-4.0.6-1.amzn2023.0.1.src

x86_64:
    wireshark-cli-debuginfo-4.0.6-1.amzn2023.0.1.x86_64
    wireshark-cli-4.0.6-1.amzn2023.0.1.x86_64
    wireshark-devel-4.0.6-1.amzn2023.0.1.x86_64
    wireshark-debugsource-4.0.6-1.amzn2023.0.1.x86_64

Additional References

Red Hat: CVE-2023-0666, CVE-2023-0667, CVE-2023-0668, CVE-2023-2854, CVE-2023-2855, CVE-2023-2856, CVE-2023-2857, CVE-2023-2858, CVE-2023-2879, CVE-2023-2952

Mitre: CVE-2023-0666, CVE-2023-0667, CVE-2023-0668, CVE-2023-2854, CVE-2023-2855, CVE-2023-2856, CVE-2023-2857, CVE-2023-2858, CVE-2023-2879, CVE-2023-2952