Описание
Security update for wireshark
This update for wireshark to version 2.4.12 fixes the following issues:
Security issues fixed:
- CVE-2019-5717: Fixed a denial of service in the P_MUL dissector (bsc#1121232)
- CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors (bsc#1121233)
- CVE-2019-5719: Fixed a denial of service in the ISAKMP dissector (bsc#1121234)
- CVE-2019-5721: Fixed a denial of service in the ISAKMP dissector (bsc#1121235)
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
Ссылки
- E-Mail link for openSUSE-SU-2019:0092-1
- SUSE Security Ratings
- SUSE Bug 1121232
- SUSE Bug 1121233
- SUSE Bug 1121234
- SUSE Bug 1121235
- SUSE CVE CVE-2019-5717 page
- SUSE CVE CVE-2019-5718 page
- SUSE CVE CVE-2019-5719 page
- SUSE CVE CVE-2019-5721 page
Описание
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.
Затронутые продукты
Ссылки
- CVE-2019-5717
- SUSE Bug 1121232
Описание
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
Затронутые продукты
Ссылки
- CVE-2019-5718
- SUSE Bug 1121233
Описание
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
Затронутые продукты
Ссылки
- CVE-2019-5719
- SUSE Bug 1121234
Описание
In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
Затронутые продукты
Ссылки
- CVE-2019-5721
- SUSE Bug 1121235