rpm package
suse/wireshark&distro=SUSE Linux Enterprise Server 12 SP2
pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2
Vulnerabilities (80)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-7322 | Hig | 7.5 | < 2.2.13-48.21.1 | 2.2.13-48.21.1 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound. | |
| CVE-2018-7321 | Hig | 7.5 | < 2.2.13-48.21.1 | 2.2.13-48.21.1 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type. | |
| CVE-2018-7320 | Hig | 7.5 | < 2.2.13-48.21.1 | 2.2.13-48.21.1 | Feb 23, 2018 | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets. | |
| CVE-2018-5336 | Hig | 7.5 | < 2.2.12-48.18.1 | 2.2.12-48.18.1 | Jan 11, 2018 | In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth. | |
| CVE-2018-5335 | Med | 6.5 | < 2.2.12-48.18.1 | 2.2.12-48.18.1 | Jan 11, 2018 | In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length. | |
| CVE-2018-5334 | Med | 6.5 | < 2.2.12-48.18.1 | 2.2.12-48.18.1 | Jan 11, 2018 | In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks. | |
| CVE-2017-17997 | Hig | 7.5 | < 2.2.13-48.21.1 | 2.2.13-48.21.1 | Dec 30, 2017 | In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343. | |
| CVE-2017-17935 | Hig | 7.5 | < 2.2.12-48.18.1 | 2.2.12-48.18.1 | Dec 27, 2017 | The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted process | |
| CVE-2017-17085 | Hig | 7.5 | < 2.2.11-48.15.3 | 2.2.11-48.15.3 | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length. | |
| CVE-2017-17084 | Hig | 7.5 | < 2.2.11-48.15.3 | 2.2.11-48.15.3 | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length. | |
| CVE-2017-17083 | Hig | 7.5 | < 2.2.11-48.15.3 | 2.2.11-48.15.3 | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. | |
| CVE-2017-15193 | Hig | 7.5 | < 2.2.10-48.12.1 | 2.2.10-48.12.1 | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach. | |
| CVE-2017-15192 | Hig | 7.5 | < 2.2.10-48.12.1 | 2.2.10-48.12.1 | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level. | |
| CVE-2017-15191 | Hig | 7.5 | < 2.2.10-48.12.1 | 2.2.10-48.12.1 | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. | |
| CVE-2017-13767 | Hig | 7.5 | < 2.2.9-48.9.2 | 2.2.9-48.9.2 | Aug 30, 2017 | In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation. | |
| CVE-2017-13766 | Hig | 7.5 | < 2.2.9-48.9.2 | 2.2.9-48.9.2 | Aug 30, 2017 | In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation. | |
| CVE-2017-13765 | Hig | 7.5 | < 2.2.9-48.9.2 | 2.2.9-48.9.2 | Aug 30, 2017 | In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation. | |
| CVE-2017-11411 | Hig | 7.5 | < 2.2.8-48.6.1 | 2.2.8-48.6.1 | Jul 18, 2017 | In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-935 | |
| CVE-2017-11410 | Hig | 7.5 | < 2.2.8-48.6.1 | 2.2.8-48.6.1 | Jul 18, 2017 | In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and l | |
| CVE-2017-11408 | Hig | 7.5 | < 2.2.8-48.6.1 | 2.2.8-48.6.1 | Jul 18, 2017 | In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection. |
- affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound.
- affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.
- affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.
- affected < 2.2.12-48.18.1fixed 2.2.12-48.18.1
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.
- affected < 2.2.12-48.18.1fixed 2.2.12-48.18.1
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.
- affected < 2.2.12-48.18.1fixed 2.2.12-48.18.1
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.
- affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.
- affected < 2.2.12-48.18.1fixed 2.2.12-48.18.1
The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted process
- affected < 2.2.11-48.15.3fixed 2.2.11-48.15.3
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
- affected < 2.2.11-48.15.3fixed 2.2.11-48.15.3
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
- affected < 2.2.11-48.15.3fixed 2.2.11-48.15.3
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.
- affected < 2.2.10-48.12.1fixed 2.2.10-48.12.1
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
- affected < 2.2.10-48.12.1fixed 2.2.10-48.12.1
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.
- affected < 2.2.10-48.12.1fixed 2.2.10-48.12.1
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
- affected < 2.2.9-48.9.2fixed 2.2.9-48.9.2
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
- affected < 2.2.9-48.9.2fixed 2.2.9-48.9.2
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.
- affected < 2.2.9-48.9.2fixed 2.2.9-48.9.2
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.
- affected < 2.2.8-48.6.1fixed 2.2.8-48.6.1
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-935
- affected < 2.2.8-48.6.1fixed 2.2.8-48.6.1
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and l
- affected < 2.2.8-48.6.1fixed 2.2.8-48.6.1
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection.
Page 2 of 4