SUSE-SU-2025:4440-1

Опубликовано: 17 дек. 2025

Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark fixes the following issues:

CVE-2025-13499: Fixed Kafka dissector crash due to malformed packet (bsc#1254108).
CVE-2025-13946: Fixed MEGACO dissector infinite loop that allows denial of service (bsc#1254472).

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP7

libwireshark17-4.2.14-150600.18.32.1

libwiretap14-4.2.14-150600.18.32.1

libwsutil15-4.2.14-150600.18.32.1

wireshark-4.2.14-150600.18.32.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP7

wireshark-devel-4.2.14-150600.18.32.1

wireshark-ui-qt-4.2.14-150600.18.32.1

openSUSE Leap 15.6

libwireshark17-4.2.14-150600.18.32.1

libwiretap14-4.2.14-150600.18.32.1

libwsutil15-4.2.14-150600.18.32.1

wireshark-4.2.14-150600.18.32.1

wireshark-devel-4.2.14-150600.18.32.1

wireshark-ui-qt-4.2.14-150600.18.32.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20254440-1/
Link for SUSE-SU-2025:4440-1
https://lists.suse.com/pipermail/sle-security-updates/2025-December/023575.html
E-Mail link for SUSE-SU-2025:4440-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1254108
SUSE Bug 1254108
https://bugzilla.suse.com/1254472
SUSE Bug 1254472
https://www.suse.com/security/cve/CVE-2025-13499/
SUSE CVE CVE-2025-13499 page
https://www.suse.com/security/cve/CVE-2025-13946/
SUSE CVE CVE-2025-13946 page

Описание

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP7:libwireshark17-4.2.14-150600.18.32.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:libwiretap14-4.2.14-150600.18.32.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:libwsutil15-4.2.14-150600.18.32.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:wireshark-4.2.14-150600.18.32.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-13499.html
CVE-2025-13499
https://bugzilla.suse.com/1254108
SUSE Bug 1254108

Описание

MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP7:libwireshark17-4.2.14-150600.18.32.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:libwiretap14-4.2.14-150600.18.32.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:libwsutil15-4.2.14-150600.18.32.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:wireshark-4.2.14-150600.18.32.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-13946.html
CVE-2025-13946
https://bugzilla.suse.com/1254472
SUSE Bug 1254472

SUSE-SU-2025:4440-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP7

SUSE Linux Enterprise Module for Desktop Applications 15 SP7

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-13499

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-13946

Описание

Затронутые продукты

Ссылки