» 2018 » 2월

CVE-2017-14884

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2017-14884

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to lack of bounds checking on the variable "data_len" from the function WLANQCMBR_McProcessMsg, a buffer overflow may potentially occur in WLANFTM_McProcessMsg.

Source: CVE-2017-14884

CVE-2018-7420

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7420

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.

Source: CVE-2018-7420

CVE-2018-7330

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7330

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type.

Source: CVE-2018-7330

CVE-2018-7331

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7331

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length.

Source: CVE-2018-7331

CVE-2018-7334

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7334

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.

Source: CVE-2018-7334

CVE-2018-7421

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7421

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification.

Source: CVE-2018-7421

CVE-2018-7337

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7337

In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.

Source: CVE-2018-7337

CVE-2018-7335

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7335

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.

Source: CVE-2018-7335

CVE-2018-7418

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7418

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.

Source: CVE-2018-7418

CVE-2018-7336

Posted on 2018년 2월 24일2018년 2월 24일 by admin

CVE-2018-7336

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.

Source: CVE-2018-7336