Vulnerabilities in Wireshark could be exploited remotely to crash the system

Pablinux

2 minutes

Wireshark repaired

So and how we explain at the beginning of the year, Wireshark is the most important and most used free network protocol analyzer in the world and is used for the solution and analysis of networks and to be able to capture and view the data of a network with the possibility of being able to read the contents of the captured packets. Likely because of the user base, Canonical has labeled one of the two recently fixed vulnerabilities as medium urgency.

As we are used to, the company directed by Mark Shuttleworth has published the safety report after having fixed both vulnerabilities. It's about the report USN-4133-1 and describes two flaws in Wireshark that could be used to crash the software if it received network traffic or specially crafted input files. The bugs are present in the three Ubuntu versions that still enjoy official support, which are Ubuntu 19.04 Disco Dingo, Ubuntu 18.04 Bionic Beaver, and Ubuntu 16.04 Xenial Xerus.

Wireshark vulnerabilities exist in all versions that have the software installed

The version that will be released in just one month (31 days), that is, Ubuntu 19.10 is not affected. Yes Ubuntu 14.04 is affected, so they should soon publish in report USN-4133-2 with the updated information for Trusty Tahr. Ubuntu 14.04 and Ubuntu 12.04 still enjoy ESM support, but the version released in 2012 is not compatible with the latest versions of this technology.

The fixed vulnerabilities, with the same description, are:

  • CVE-2019-12295 y CVE-2019-13619- Wireshark was found to mishandle certain inputs. A remote or local user could cause Wireshark to crash by injecting malformed packets into the network or by convincing someone to read a malformed packet trace file. The first vulnerability is tagged as low urgency, while the second is tagged as medium urgency.

As we have already mentioned, Canonical has already fixed the problems, so protecting ourselves is as simple as opening our software updater and installing the new versions of:

  • libwireshark-data.
  • libwireshark11.
  • libwiretap8.
  • libwcodecs2.
  • libwsutil9.
  • tshark.
  • wireshark.
  • wireshark-common.
  • wireshark-gtk.
  • wireshark-qt

For the changes to take effect, it is recommended to restart the operating system.


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Juan Carlos said
    ago 5 years

    I have it installed through ppa, but it is not updated to the latest version, it has stayed in 2.6.8, I am on Ubuntu 16.04.6

    Reply to Juan Carlos