Описание
Security update for wireshark
This update for wireshark fixes the following issues:
Update to version 4.2.11:
- CVE-2025-1492: uncontrolled recursion leading to a stack buffer overflow can cause Bundle Protocol and CBOR dissector to crash (bsc#1237414).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
libwireshark17-4.2.11-150600.18.20.1
libwiretap14-4.2.11-150600.18.20.1
libwsutil15-4.2.11-150600.18.20.1
wireshark-4.2.11-150600.18.20.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
wireshark-devel-4.2.11-150600.18.20.1
wireshark-ui-qt-4.2.11-150600.18.20.1
openSUSE Leap 15.6
libwireshark17-4.2.11-150600.18.20.1
libwiretap14-4.2.11-150600.18.20.1
libwsutil15-4.2.11-150600.18.20.1
wireshark-4.2.11-150600.18.20.1
wireshark-devel-4.2.11-150600.18.20.1
wireshark-ui-qt-4.2.11-150600.18.20.1
Ссылки
- Link for SUSE-SU-2025:0754-1
- E-Mail link for SUSE-SU-2025:0754-1
- SUSE Security Ratings
- SUSE Bug 1237414
- SUSE CVE CVE-2025-1492 page
Описание
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:libwireshark17-4.2.11-150600.18.20.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libwiretap14-4.2.11-150600.18.20.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libwsutil15-4.2.11-150600.18.20.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:wireshark-4.2.11-150600.18.20.1
Ссылки
- CVE-2025-1492
- SUSE Bug 1237414