In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.

Several vulnerabilities were fixed in Wireshark, a network sniffer.

CVE-2019-13619

ASN.1 BER and related dissectors crash.

CVE-2019-16319

The Gryphon dissector could go into an infinite loop.

CVE-2019-19553

The CMS dissector could crash.

CVE-2020-7045

The BT ATT dissector could crash.

CVE-2020-9428

The EAP dissector could crash.

CVE-2020-9430

The WiMax DLMAP dissector could crash.

CVE-2020-9431

The LTE RRC dissector could leak memory.

CVE-2020-11647

The BACapp dissector could crash.

CVE-2020-13164

The NFS dissector could crash.

CVE-2020-15466

The GVCP dissector could go into an infinite loop.

CVE-2020-25862

The TCP dissector could crash.

CVE-2020-25863

The MIME Multipart dissector could crash.

CVE-2020-26418

Memory leak in the Kafka protocol dissector.

CVE-2020-26421

Crash in USB HID protocol dissector.

CVE-2020-26575

The Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.

CVE-2020-28030

The GQUIC dissector could crash.

For Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for wireshark and libmaxminddb fixes the following issues :

Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).

New features include :

  - Added support for 111 new protocols, including     WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC

  - Improved support for existing protocols, like HTTP/2

  - Improved analytics and usability functionalities

This update was imported from the SUSE:SLE-15:Update update project.

This update for wireshark and libmaxminddb fixes the following issues :

Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).

New features include :

Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC

Improved support for existing protocols, like HTTP/2

Improved analytics and usability functionalities

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

New version 3.0.3, Security fix for CVE-2019-13619

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for wireshark to version 2.4.16 fixes the following issues :

Security issue fixed :

  - CVE-2019-13619: ASN.1 BER and related dissectors crash     (bsc#1141980).

This update was imported from the SUSE:SLE-15:Update update project.

This update for wireshark to version 2.4.16 fixes the following issues :

Security issue fixed :

CVE-2019-13619: ASN.1 BER and related dissectors crash (bsc#1141980).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Wireshark installed on the remote Windows host is 2.4.x prior to 2.4.16. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-2.4.16 advisory.

  - The ASN.1 BER and related dissectors could crash. It may     be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone     to read a malformed packet trace file. (CVE-2019-13619)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is 2.4.x prior to 2.4.16. It is, therefore, affected by a vulnerability as referenced in the wireshark-2.4.16 advisory.

  - The ASN.1 BER and related dissectors could crash. It may     be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone     to read a malformed packet trace file. (CVE-2019-13619)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.10. It is, therefore, affected by a vulnerability as referenced in the wireshark-2.6.10 advisory.

  - The ASN.1 BER and related dissectors could crash. It may     be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone     to read a malformed packet trace file. (CVE-2019-13619)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is 2.6.x prior to 2.6.10. It is, therefore, affected by a vulnerability as referenced in the wireshark-2.6.10 advisory.

  - The ASN.1 BER and related dissectors could crash. It may     be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone     to read a malformed packet trace file. (CVE-2019-13619)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is 3.0.x prior to 3.0.3. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.0.3 advisory.

  - The ASN.1 BER and related dissectors could crash. It may     be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone     to read a malformed packet trace file. (CVE-2019-13619)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is 3.0.x prior to 3.0.3. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.0.3 advisory.

  - The ASN.1 BER and related dissectors could crash. It may     be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone     to read a malformed packet trace file. (CVE-2019-13619)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
146291	Debian DLA-2547-1 : wireshark security update	Nessus	Debian Local Security Checks	high
134755	openSUSE Security Update : wireshark (openSUSE-2020-362)	Nessus	SuSE Local Security Checks	high
134625	SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:0693-1)	Nessus	SuSE Local Security Checks	high
128875	Ubuntu 16.04 LTS / 18.04 LTS : Wireshark vulnerabilities (USN-4133-1)	Nessus	Ubuntu Local Security Checks	high
128402	Fedora 30 : 1:wireshark (2019-70e93298e3)	Nessus	Fedora Local Security Checks	high
128397	Fedora 29 : 1:wireshark (2019-23f7634765)	Nessus	Fedora Local Security Checks	high
128046	openSUSE Security Update : wireshark (openSUSE-2019-1965)	Nessus	SuSE Local Security Checks	high
127788	SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2019:2104-1)	Nessus	SuSE Local Security Checks	high
127787	SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2019:2103-1)	Nessus	SuSE Local Security Checks	high
126923	Wireshark 2.4.x < 2.4.16 DoS Vulnerability	Nessus	Windows	high
126922	Wireshark 2.4.x < 2.4.16 DoS Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high
126921	Wireshark 2.6.x < 2.6.10 DoS Vulnerability	Nessus	Windows	high
126920	Wireshark 2.6.x < 2.6.10 DoS Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high
126919	Wireshark 3.0.x < 3.0.3 DoS Vulnerability	Nessus	Windows	high
126918	Wireshark 3.0.x < 3.0.3 DoS Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high

Detections

Analytics

CVE-2019-13619

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high