Описание
Security update for wireshark
This update for wireshark fixes the following issues:
Security issue fixed (bsc#1082692):
- CVE-2018-7335: The IEEE 802.11 dissector could crash (wnpa-sec-2018-05)
- CVE-2018-7321: thrift long dissector loop (dissect_thrift_map)
- CVE-2018-7322: DICOM: inifinite loop (dissect_dcm_tag)
- CVE-2018-7323: WCCP: very long loop (dissect_wccp2_alternate_mask_value_set_element)
- CVE-2018-7324: SCCP: infinite loop (dissect_sccp_optional_parameters)
- CVE-2018-7325: RPKI-Router Protocol: infinite loop (dissect_rpkirtr_pdu)
- CVE-2018-7326: LLTD: infinite loop (dissect_lltd_tlv)
- CVE-2018-7327: openflow_v6: infinite loop (dissect_openflow_bundle_control_v6)
- CVE-2018-7328: USB-DARWIN: long loop (dissect_darwin_usb_iso_transfer)
- CVE-2018-7329: S7COMM: infinite loop (s7comm_decode_ud_cpu_alarm_main)
- CVE-2018-7330: thread_meshcop: infinite loop (get_chancount)
- CVE-2018-7331: GTP: infinite loop (dissect_gprscdr_GGSNPDPRecord, dissect_ber_set)
- CVE-2018-7332: RELOAD: infinite loop (dissect_statans)
- CVE-2018-7333: RPCoRDMA: infinite loop in get_write_list_chunk_count
- CVE-2018-7421: Multiple dissectors could go into large infinite loops (wnpa-sec-2018-06)
- CVE-2018-7334: The UMTS MAC dissector could crash (wnpa-sec-2018-07)
- CVE-2018-7337: The DOCSIS dissector could crash (wnpa-sec-2018-08)
- CVE-2018-7336: The FCP dissector could crash (wnpa-sec-2018-09)
- CVE-2018-7320: The SIGCOMP dissector could crash (wnpa-sec-2018-10)
- CVE-2018-7420: The pcapng file parser could crash (wnpa-sec-2018-11)
- CVE-2018-7417: The IPMI dissector could crash (wnpa-sec-2018-12)
- CVE-2018-7418: The SIGCOMP dissector could crash (wnpa-sec-2018-13)
- CVE-2018-7419: The NBAP disssector could crash (wnpa-sec-2018-14)
- CVE-2017-17997: Misuse of NULL pointer in MRDISC dissector (bsc#1077080).
Список пакетов
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Ссылки
- Link for SUSE-SU-2018:0867-1
- E-Mail link for SUSE-SU-2018:0867-1
- SUSE Security Ratings
- SUSE Bug 1077080
- SUSE Bug 1082692
- SUSE CVE CVE-2017-17997 page
- SUSE CVE CVE-2018-7320 page
- SUSE CVE CVE-2018-7321 page
- SUSE CVE CVE-2018-7322 page
- SUSE CVE CVE-2018-7323 page
- SUSE CVE CVE-2018-7324 page
- SUSE CVE CVE-2018-7325 page
- SUSE CVE CVE-2018-7326 page
- SUSE CVE CVE-2018-7327 page
- SUSE CVE CVE-2018-7328 page
- SUSE CVE CVE-2018-7329 page
- SUSE CVE CVE-2018-7330 page
- SUSE CVE CVE-2018-7331 page
- SUSE CVE CVE-2018-7332 page
- SUSE CVE CVE-2018-7333 page
Описание
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.
Затронутые продукты
Ссылки
- CVE-2017-17997
- SUSE Bug 1077080
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.
Затронутые продукты
Ссылки
- CVE-2018-7320
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.
Затронутые продукты
Ссылки
- CVE-2018-7321
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound.
Затронутые продукты
Ссылки
- CVE-2018-7322
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing.
Затронутые продукты
Ссылки
- CVE-2018-7323
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type.
Затронутые продукты
Ссылки
- CVE-2018-7324
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field.
Затронутые продукты
Ссылки
- CVE-2018-7325
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type.
Затронутые продукты
Ссылки
- CVE-2018-7326
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths.
Затронутые продукты
Ссылки
- CVE-2018-7327
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths.
Затронутые продукты
Ссылки
- CVE-2018-7328
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors.
Затронутые продукты
Ссылки
- CVE-2018-7329
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type.
Затронутые продукты
Ссылки
- CVE-2018-7330
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length.
Затронутые продукты
Ссылки
- CVE-2018-7331
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length.
Затронутые продукты
Ссылки
- CVE-2018-7332
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size.
Затронутые продукты
Ссылки
- CVE-2018-7333
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.
Затронутые продукты
Ссылки
- CVE-2018-7334
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.
Затронутые продукты
Ссылки
- CVE-2018-7335
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.
Затронутые продукты
Ссылки
- CVE-2018-7336
- SUSE Bug 1082692
Описание
In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.
Затронутые продукты
Ссылки
- CVE-2018-7337
- SUSE Bug 1082692
Описание
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.
Затронутые продукты
Ссылки
- CVE-2018-7417
- SUSE Bug 1082692
Описание
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.
Затронутые продукты
Ссылки
- CVE-2018-7418
- SUSE Bug 1082692
Описание
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.
Затронутые продукты
Ссылки
- CVE-2018-7419
- SUSE Bug 1082692
Описание
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.
Затронутые продукты
Ссылки
- CVE-2018-7420
- SUSE Bug 1082692
Описание
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification.
Затронутые продукты
Ссылки
- CVE-2018-7421
- SUSE Bug 1082692