rpm package
suse/wireshark&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/wireshark&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (24)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-18227 | — | < 2.4.10-48.32.1 | 2.4.10-48.32.1 | Oct 12, 2018 | In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values. | ||
| CVE-2018-12086 | Hig | 7.5 | < 2.4.10-48.32.1 | 2.4.10-48.32.1 | Sep 14, 2018 | Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. | |
| CVE-2018-16058 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Aug 30, 2018 | In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure. | |
| CVE-2018-16057 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Aug 30, 2018 | In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations. | |
| CVE-2018-16056 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Aug 30, 2018 | In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists. | |
| CVE-2018-14370 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read. | |
| CVE-2018-14369 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression. | |
| CVE-2018-14368 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long. | |
| CVE-2018-14367 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition. | |
| CVE-2018-14344 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read. | |
| CVE-2018-14343 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer. | |
| CVE-2018-14342 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths. | |
| CVE-2018-14341 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow. | |
| CVE-2018-14340 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. | |
| CVE-2018-14339 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | Jul 19, 2018 | In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation. | |
| CVE-2018-11362 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | May 22, 2018 | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. | |
| CVE-2018-11361 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | May 22, 2018 | In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey. | |
| CVE-2018-11360 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | May 22, 2018 | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow. | |
| CVE-2018-11359 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | May 22, 2018 | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. | |
| CVE-2018-11358 | Hig | 7.5 | < 2.4.9-48.29.1 | 2.4.9-48.29.1 | May 22, 2018 | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup. |
- CVE-2018-18227Oct 12, 2018affected < 2.4.10-48.32.1fixed 2.4.10-48.32.1
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
- affected < 2.4.10-48.32.1fixed 2.4.10-48.32.1
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.
- affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.
Page 1 of 2