Learn about CVE-2018-19628 affecting Wireshark versions 2.6.0 to 2.6.4. Find out the impact, technical details, affected systems, and mitigation steps for this vulnerability.
Wireshark versions 2.6.0 to 2.6.4 contained a flaw in the ZigBee ZCL dissector that could crash the application. The fix adds a guard against a divide-by-zero error.
Understanding CVE-2018-19628
CVE-2018-19628 identifies a vulnerability in the ZigBee ZCL dissector of Wireshark versions 2.6.0 to 2.6.4.
What is CVE-2018-19628?
In Wireshark versions 2.6.0 to 2.6.4, a vulnerability in the ZigBee ZCL dissector could cause the application to crash. The issue was fixed by adding a preventive measure to avoid a divide-by-zero error.
The Impact of CVE-2018-19628
If exploited, the vulnerability could lead to a denial of service: Wireshark crashes during ZigBee ZCL packet analysis.
Technical Details of CVE-2018-19628
This section provides more in-depth technical details about the CVE.
Vulnerability Description
A divide-by-zero error in the ZigBee ZCL dissector could crash Wireshark versions 2.6.0 to 2.6.4. The fix was made in the file epan/dissectors/packet-zbee-zcl-lighting.c.
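The kind of guard described above, as an added example that is not Wireshark's code: a field formatter that divides a constant by a 16-bit value taken from the packet. The mired-to-kelvin conversion, the function names and the status codes are assumptions made for illustration; the page does not say which field was involved.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for this sketch. */
enum fmt_status { FMT_OK = 0, FMT_TRUNCATED = -1, FMT_ZERO_DIVISOR = 1 };

/* Read a little-endian 16-bit field at `off`, refusing to read past `len`. */
static int read_le16(const uint8_t *buf, size_t len, size_t off, uint16_t *out)
{
    if (off > len || len - off < 2)
        return -1;
    *out = (uint16_t)(buf[off] | ((uint16_t)buf[off + 1] << 8));
    return 0;
}

/*
 * Format a reciprocal-unit field (assumed here: mireds, K = 1000000 / mired).
 * The unguarded form, `1000000 / value`, is undefined behaviour in C when the
 * sender puts 0x0000 in the field and typically raises SIGFPE on x86.
 */
static enum fmt_status format_reciprocal(const uint8_t *buf, size_t len,
                                         size_t off, char *label, size_t cap)
{
    uint16_t value;
    if (read_le16(buf, len, off, &value) != 0) {
        snprintf(label, cap, "[truncated]");
        return FMT_TRUNCATED;
    }
    if (value == 0) {
        /* Keep the raw value visible so the analyst sees the anomaly. */
        snprintf(label, cap, "0 [Mired] (no Kelvin equivalent)");
        return FMT_ZERO_DIVISOR;
    }
    snprintf(label, cap, "%u [Mired] (%u [K])",
             (unsigned)value, 1000000u / value);
    return FMT_OK;
}

int main(void)
{
    const uint8_t zero[] = { 0x00, 0x00 };   /* constructed sample payload */
    char label[64];
    format_reciprocal(zero, sizeof zero, 0, label, sizeof label);
    puts(label);
    return 0;
}
```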
Affected Systems and Versions
Exploitation Mechanism
Mitigation and Prevention
Protecting systems from CVE-2018-19628 involves taking immediate steps and implementing long-term security practices.
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates