Описание
Security update for wireshark
This update for wireshark to version 2.4.9 fixes the following issues:
Security issues fixed (bsc#1106514):
- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)
Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Desktop Applications 15
Ссылки
- Link for SUSE-SU-2018:2889-1
- E-Mail link for SUSE-SU-2018:2889-1
- SUSE Security Ratings
- SUSE Bug 1106514
- SUSE CVE CVE-2018-16056 page
- SUSE CVE CVE-2018-16057 page
- SUSE CVE CVE-2018-16058 page
Описание
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.
Затронутые продукты
Ссылки
- CVE-2018-16056
- SUSE Bug 1106514
Описание
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
Затронутые продукты
Ссылки
- CVE-2018-16057
- SUSE Bug 1106514
Описание
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
Затронутые продукты
Ссылки
- CVE-2018-16058
- SUSE Bug 1106514