Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:0130-1

Опубликовано: 18 янв. 2019
Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark to version 2.4.12 fixes the following issues:

Security issues fixed:

  • CVE-2019-5717: Fixed a denial of service in the P_MUL dissector (bsc#1121232)
  • CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors (bsc#1121233)
  • CVE-2019-5719: Fixed a denial of service in the ISAKMP dissector (bsc#1121234)
  • CVE-2019-5721: Fixed a denial of service in the ISAKMP dissector (bsc#1121235)

Список пакетов

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
wireshark-2.4.12-3.19.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.12-3.19.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
wireshark-2.4.12-3.19.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
wireshark-2.4.12-3.19.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
wireshark-2.4.12-3.19.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.12-3.19.1
SUSE Linux Enterprise Module for Basesystem 15
libwireshark9-2.4.12-3.19.1
libwiretap7-2.4.12-3.19.1
libwscodecs1-2.4.12-3.19.1
libwsutil8-2.4.12-3.19.1
wireshark-2.4.12-3.19.1
SUSE Linux Enterprise Module for Desktop Applications 15
wireshark-devel-2.4.12-3.19.1
wireshark-ui-qt-2.4.12-3.19.1

Ссылки

Описание

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.

Затронутые продукты
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:wireshark-2.4.12-3.19.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.

Затронутые продукты
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:wireshark-2.4.12-3.19.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.

Затронутые продукты
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:wireshark-2.4.12-3.19.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.

Затронутые продукты
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:wireshark-2.4.12-3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:wireshark-2.4.12-3.19.1
Ссылки
Уязвимость SUSE-SU-2019:0130-1