In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.
References
Link | Resource |
---|---|
https://gitlab.com/wireshark/wireshark/-/commit/b287e7165e8aa89cde6ae37e7c257c5d87d16b9b | Patch Third Party Advisory |
https://gitlab.com/wireshark/wireshark/-/issues/16887 | Exploit Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/ | |
https://www.wireshark.org/security/wnpa-sec-2020-15.html | Vendor Advisory |
Configurations
History
07 Nov 2023, 03:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-682 CWE-835 CWE-770 |
|
References |
|
|
11 Feb 2021, 14:13
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
06 Feb 2021, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-11-02 21:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-28030
Mitre link : CVE-2020-28030
CVE.ORG link : CVE-2020-28030
JSON object : View
Products Affected
fedoraproject
- fedora
debian
- debian_linux
wireshark
- wireshark