SUSE-SU-2018:0054-1 -- SLES wireshark, libwireshark8, libwiretap6, libwscodecs1, libwsutil7, libsmi, portaudioID: oval:org.secpod.oval:def:89002164 | Date: (C)2021-02-26 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for wireshark to version 2.2.11 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation - CVE-2017-13766: The Profinet I/O dissector could have crash with an out-of-bounds write. This was addressed by adding string validation - CVE-2017-13765: The IrCOMM dissector had a buffer over-read and application crash. This was addressed by adding length validation - CVE-2017-9766: PROFINET IO data with a high recursion depth allowed remote attackers to cause a denial of service in the dissect_IODWriteReq function - CVE-2017-9617: Deeply nested DAAP data may have cause stack exhaustion in the dissect_daap_one_tag function in the DAAP dissector - CVE-2017-15192: The BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level. - CVE-2017-15193: The MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach. - CVE-2017-15191: The DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. - CVE-2017-17083: NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. - CVE-2017-17084: IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length. - CVE-2017-17085: the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
wireshark |
libwireshark8 |
libwiretap6 |
libwscodecs1 |
libwsutil7 |
libsmi |
portaudio |