Vulnerability CVE-2019-10902: Information

Description

In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.

Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2019-10902
Published: April 9, 2019
Modified: Nov. 7, 2023
Error type identifier: CWE-252

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
wiresharksisyphus3.0.1-alt14.2.5-alt2ALT-PU-2019-1633-1227002Fixed
wiresharkp103.0.1-alt14.0.11-alt1ALT-PU-2019-1633-1227002Fixed
wiresharkp93.0.1-alt14.0.8-alt1ALT-PU-2019-1633-1227002Fixed
wiresharkp83.0.6-alt13.0.6-alt1ALT-PU-2019-3250-1240804Fixed
wiresharkc10f13.0.1-alt14.0.11-alt1ALT-PU-2019-1633-1227002Fixed
wiresharkc9f23.0.1-alt14.0.11-alt1ALT-PU-2019-1633-1227002Fixed
wiresharkp113.0.1-alt14.2.5-alt2ALT-PU-2019-1633-1227002Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.wireshark.org/security/wnpa-sec-2019-16.html
  • Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15619
  • Exploit
  • Issue Tracking
  • Patch
  • Vendor Advisory
107836
  • Third Party Advisory
  • VDB Entry
openSUSE-SU-2020:0362
    https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=95571f17d5e2de39735e62e5251583f930c06d51
      FEDORA-2019-aef1dac6a0
        FEDORA-2019-77b2d840ef

            1. Configuration 1

              cpe:2.3:a:wireshark:wireshark:3.0.0:*:*:*:*:*:*:*

              Configuration 2

              cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
              cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
          VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
          Version: v24.5.3
          Back to top