Описание
Security update for wireshark
This update for wireshark fixes the following issues:
Update to version 3.6.1:
- CVE-2021-4185: RTMPT dissector infinite loop (bsc#1194166)
- CVE-2021-4184: BitTorrent DHT dissector infinite loop (bsc#1194167)
- CVE-2021-4183: pcapng file parser crash (bsc#1194168)
- CVE-2021-4182: RFC 7468 file parser infinite loop (bsc#1194169)
- CVE-2021-4181: Sysdig Event dissector crash (bsc#1194170)
- CVE-2021-4190: Kafka dissector infinite loop (bsc#1194171)
- Support for Shared Memory Communications (SMC) (jsc#SLE-18727)
Список пакетов
openSUSE Leap 15.3
libvirt-7.1.0-150300.6.23.1
libvirt-admin-7.1.0-150300.6.23.1
libvirt-bash-completion-7.1.0-150300.6.23.1
libvirt-client-7.1.0-150300.6.23.1
libvirt-daemon-7.1.0-150300.6.23.1
libvirt-daemon-config-network-7.1.0-150300.6.23.1
libvirt-daemon-config-nwfilter-7.1.0-150300.6.23.1
libvirt-daemon-driver-interface-7.1.0-150300.6.23.1
libvirt-daemon-driver-libxl-7.1.0-150300.6.23.1
libvirt-daemon-driver-lxc-7.1.0-150300.6.23.1
libvirt-daemon-driver-network-7.1.0-150300.6.23.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.23.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.23.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.23.1
libvirt-daemon-driver-secret-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-gluster-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.23.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.23.1
libvirt-daemon-hooks-7.1.0-150300.6.23.1
libvirt-daemon-lxc-7.1.0-150300.6.23.1
libvirt-daemon-qemu-7.1.0-150300.6.23.1
libvirt-daemon-xen-7.1.0-150300.6.23.1
libvirt-devel-7.1.0-150300.6.23.1
libvirt-devel-32bit-7.1.0-150300.6.23.1
libvirt-doc-7.1.0-150300.6.23.1
libvirt-libs-7.1.0-150300.6.23.1
libvirt-lock-sanlock-7.1.0-150300.6.23.1
libvirt-nss-7.1.0-150300.6.23.1
libwireshark15-3.6.1-3.68.1
libwiretap12-3.6.1-3.68.1
libwsutil13-3.6.1-3.68.1
wireshark-3.6.1-3.68.1
wireshark-devel-3.6.1-3.68.1
wireshark-plugin-libvirt-7.1.0-150300.6.23.1
wireshark-ui-qt-3.6.1-3.68.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0375-1
- SUSE Security Ratings
- SUSE Bug 1194166
- SUSE Bug 1194167
- SUSE Bug 1194168
- SUSE Bug 1194169
- SUSE Bug 1194170
- SUSE Bug 1194171
- SUSE Bug 1194780
- SUSE CVE CVE-2021-4181 page
- SUSE CVE CVE-2021-4182 page
- SUSE CVE CVE-2021-4183 page
- SUSE CVE CVE-2021-4184 page
- SUSE CVE CVE-2021-4185 page
- SUSE CVE CVE-2021-4190 page
Описание
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Затронутые продукты
openSUSE Leap 15.3:libvirt-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-admin-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-bash-completion-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-client-7.1.0-150300.6.23.1
Ссылки
- CVE-2021-4181
- SUSE Bug 1194170
Описание
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Затронутые продукты
openSUSE Leap 15.3:libvirt-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-admin-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-bash-completion-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-client-7.1.0-150300.6.23.1
Ссылки
- CVE-2021-4182
- SUSE Bug 1194169
Описание
Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file
Затронутые продукты
openSUSE Leap 15.3:libvirt-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-admin-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-bash-completion-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-client-7.1.0-150300.6.23.1
Ссылки
- CVE-2021-4183
- SUSE Bug 1194168
Описание
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Затронутые продукты
openSUSE Leap 15.3:libvirt-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-admin-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-bash-completion-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-client-7.1.0-150300.6.23.1
Ссылки
- CVE-2021-4184
- SUSE Bug 1194167
Описание
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Затронутые продукты
openSUSE Leap 15.3:libvirt-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-admin-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-bash-completion-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-client-7.1.0-150300.6.23.1
Ссылки
- CVE-2021-4185
- SUSE Bug 1194166
Описание
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file
Затронутые продукты
openSUSE Leap 15.3:libvirt-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-admin-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-bash-completion-7.1.0-150300.6.23.1
openSUSE Leap 15.3:libvirt-client-7.1.0-150300.6.23.1
Ссылки
- CVE-2021-4190
- SUSE Bug 1194171