Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:0179-1

Опубликовано: 23 янв. 2018
Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark to version 2.2.12 fixes the following issues:

  • CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)
  • CVE-2018-5335: WCP dissector could crash (bsc#1075738)
  • CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
  • CVE-2017-17935: Incorrect handling of '\n' in file_read_line function could have lead to denial of service (bsc#1074171)

This release no longer enables the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 CVE-2017-5753 - (bsc#1075748)

Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html

Список пакетов

SUSE Linux Enterprise Server 11 SP4
libwireshark8-2.2.12-40.17.1
libwiretap6-2.2.12-40.17.1
libwscodecs1-2.2.12-40.17.1
libwsutil7-2.2.12-40.17.1
wireshark-2.2.12-40.17.1
wireshark-gtk-2.2.12-40.17.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libwireshark8-2.2.12-40.17.1
libwiretap6-2.2.12-40.17.1
libwscodecs1-2.2.12-40.17.1
libwsutil7-2.2.12-40.17.1
wireshark-2.2.12-40.17.1
wireshark-gtk-2.2.12-40.17.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libwireshark8-2.2.12-40.17.1
libwiretap6-2.2.12-40.17.1
libwscodecs1-2.2.12-40.17.1
libwsutil7-2.2.12-40.17.1
wireshark-2.2.12-40.17.1
wireshark-devel-2.2.12-40.17.1
wireshark-gtk-2.2.12-40.17.1

Ссылки

Описание

The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libwireshark8-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwiretap6-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwscodecs1-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwsutil7-2.2.12-40.17.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libwireshark8-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwiretap6-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwscodecs1-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwsutil7-2.2.12-40.17.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libwireshark8-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwiretap6-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwscodecs1-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwsutil7-2.2.12-40.17.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libwireshark8-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwiretap6-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwscodecs1-2.2.12-40.17.1
SUSE Linux Enterprise Server 11 SP4:libwsutil7-2.2.12-40.17.1
Ссылки
Уязвимость SUSE-SU-2018:0179-1