rpm package
opensuse/wireshark&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed
Vulnerabilities (540)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-7337 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs. | |
| CVE-2018-7336 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer. | |
| CVE-2018-7335 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small. | |
| CVE-2018-7334 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value. | |
| CVE-2018-7333 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size. | |
| CVE-2018-7329 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors. | |
| CVE-2018-7325 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field. | |
| CVE-2018-7321 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type. | |
| CVE-2018-7320 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets. | |
| CVE-2018-5336 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Jan 11, 2018 | In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth. | |
| CVE-2018-5335 | Med | 6.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Jan 11, 2018 | In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length. | |
| CVE-2018-5334 | Med | 6.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Jan 11, 2018 | In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks. | |
| CVE-2017-5753 | Med | 5.6 | < 3.4.8-1.2 | 3.4.8-1.2 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |
| CVE-2017-17085 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length. | |
| CVE-2017-17084 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length. | |
| CVE-2017-17083 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. | |
| CVE-2017-15193 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach. | |
| CVE-2017-15192 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level. | |
| CVE-2017-15191 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. | |
| CVE-2017-15190 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable. |
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable.
Page 12 of 27