Описание
Security update for wireshark
This update for wireshark to version 2.2.17 fixes the following issues:
Security issues fixed (boo#1106514):
- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)
Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.17.html
Список пакетов
openSUSE Leap 42.3
Ссылки
- E-Mail link for openSUSE-SU-2018:2587-1
- SUSE Security Ratings
Описание
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.
Затронутые продукты
Ссылки
- CVE-2018-16056
- SUSE Bug 1106514
Описание
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
Затронутые продукты
Ссылки
- CVE-2018-16057
- SUSE Bug 1106514
Описание
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
Затронутые продукты
Ссылки
- CVE-2018-16058
- SUSE Bug 1106514