Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:0619-1

Опубликовано: 15 мар. 2019
Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark to version 2.4.13 fixes the following issues:

Security issues fixed:

  • CVE-2019-9214: Avoided a dereference of a null coversation which could make RPCAP dissector crash (bsc#1127367).
  • CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER and related dissectors crash (bsc#1127369).
  • CVE-2019-9208: Fixed a null pointer dereference which could make TCAP dissector crash (bsc#1127370).

Release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.4.13.html

Список пакетов

Image SLES15-SAP-Azure-LI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
wireshark-2.4.13-3.22.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
wireshark-2.4.13-3.22.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
wireshark-2.4.13-3.22.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
wireshark-2.4.13-3.22.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
wireshark-2.4.13-3.22.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
wireshark-2.4.13-3.22.1
SUSE Linux Enterprise Module for Basesystem 15
libwireshark9-2.4.13-3.22.1
libwiretap7-2.4.13-3.22.1
libwscodecs1-2.4.13-3.22.1
libwsutil8-2.4.13-3.22.1
wireshark-2.4.13-3.22.1
SUSE Linux Enterprise Module for Desktop Applications 15
wireshark-devel-2.4.13-3.22.1
wireshark-ui-qt-2.4.13-3.22.1

Ссылки

Описание

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.

Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.13-3.22.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.

Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.13-3.22.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.

Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-2.4.13-3.22.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:wireshark-2.4.13-3.22.1
Ссылки
Уязвимость SUSE-SU-2019:0619-1