Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:2184-1

Опубликовано: 03 авг. 2018
Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark fixes the following issues:

Security issues fixed:

  • CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, boo#1101777)
  • CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, boo#1101788)
  • CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, boo#1101804)
  • CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, boo#1101786)
  • CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, boo#1101810)
  • CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, boo#1101776)
  • CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, boo#1101794)
  • CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, boo#1101800)
  • CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, boo#1101791)
  • CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, boo#1101802)

Bug fixes:

Список пакетов

openSUSE Leap 15.0
libwireshark9-2.4.8-lp150.2.6.1
libwiretap7-2.4.8-lp150.2.6.1
libwscodecs1-2.4.8-lp150.2.6.1
libwsutil8-2.4.8-lp150.2.6.1
wireshark-2.4.8-lp150.2.6.1
wireshark-devel-2.4.8-lp150.2.6.1
wireshark-ui-qt-2.4.8-lp150.2.6.1

Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.

Затронутые продукты
openSUSE Leap 15.0:libwireshark9-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwiretap7-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwscodecs1-2.4.8-lp150.2.6.1
openSUSE Leap 15.0:libwsutil8-2.4.8-lp150.2.6.1
Ссылки
Уязвимость openSUSE-SU-2018:2184-1